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What  is  the  estimated  number  of  employees  in  your  entire  organization/at  your  location? 

Icheck  ONE  in  each  section  onM 


01. 

02. 

03. 

04. 

05 

06. 

07. 

08. 

09. 


I?:B 


Manufacturing  iBtrer) 

Finance/Banking 

Insurance/Real  Estate/Legal 

Health  Care  Services 

Hospitality/Entertainment/Recreation 

MediaTV/Cable/Radio/Pririt 

Retail/Wholesale  Trade/Business  Services 

Transportation 

Utikties/Process  Industries  (MnogiConaruanni 
Petr&eurnReAritriQ/AQnajItutafFomtry) 
Govemment/Military 
Consulting  OndBpwiUsnti* 


12.  _j  Education 

13.  _  CamerWoica'Data/lSP 

14.  _  Web  Hosting/HSP 

15.  Z  ASP/SSP/MSP 

16.  _  ManjfactijrgCcrTixerCormuiatoisiOa^ 

17.  l  Resellers/VARsVADs/Integrators/ 

Distributore  iCorirx/Ws/CkxivTi^^ 

18.  □  Other 

•ATTN  CONSULTANTS,  INTEGRATORS  DISTRIBUTORS 
RESELLERS  PLEASE  COMPLETE  FORM  BASED  ON  ALL 
CLIENTS  AND  YOUR  OWN  BUSINESS  NEEDS 


A. 

ENTIRE  ORGANIZATION 

B.  AT 

1. 

Over  20,000  6.  □  500  to  999 

1. 

2. 

1 0,000  to  1 9.999  7.  □  499  or  Less 

2. 

3. 

5,000  to  9,999 

3. 

4. 

2,500  to  4,999 

4. 

5. 

1,000  to  2, 499 

5. 

B.  AT  YOUR  LOCATION 


1,000  to  2,499 


500  to  999 
250  to  499 
100  to  249 


Please  rrirate  the  WetL^Smirty/LAIil/lnterTwtworVjngAVirBiess/Mobile/WAN  Equipment/Camer 
Services  that  you  are  cunBntly  involved  in  purchasing  or  pdan  tp  puitdiasa  icheck ALLthatspdy) 


WEB 


P:  What  is  your  primary  job  function?  (check  ONE  onM 

A:  What  additional  job  functions  are  you  involved  in?  (check  ALL  that  apply) 


PA  PA 

_  1 .  _  Network  Management  ! .  6.  .  Engineenng  Management/ 

_ 2  _  CtOOQCSOrtS/TTM&Syslems  Management  Applications  Management 

Z  3.  _  LAN  Management  1 _ i  7.  L  .  Corporate  Management  (CEO.  COO. 

_  4.  Datacom/Tetecom  Management  ._.  _  CEO.  Pm..  VP.  Or..  Mgr.) 

5.  iTtemetYitranetWePT Commerce  Management  j —  8.  —  Consultant  (Independent; 

What  is  the  estimated  value  of  network  equipment  and  services  that  you  specify, 
recommend,  or  approve  the  purchase  of  for  this  location  and  for  all  other  locations? 


01. 

Web  Servers/Software 

40. 

_ 

02. 

Web  Traffic  Management 

41. 

03. 

Electronic  Commerce  Tools 

42. 

_ 

04. 

Web  Development  Tools/Corrtent  Mgmt. 

43. 

_ 

05. 

Web  Collaboration/Groupware 

44. 

06. 

Web  Acceleration/Caching/load  Balancing 

45. 

07. 

Web  Hosting  Services 

08. 

_ 

Portal/Intranet 

WAN  EO 

09. 

Other  Web 

A 

B 

A.  THIS  LOCATION  B.  ALL  OTHER  LOCATIONS 

(Please  [Sn!  the  appropriate  number  code  on  the  line  next  to  each  product  category. 

A  B  A  B 

1.  $100  Million  or  More  _  A  _  Large  Systems  mmmvunsi  _|._ 

2.  $50  Miron  to  $99.9  Million  _  B. .  Desktops  iMoMapm/votseacm  _J._ 

3  $25  Million  to  $49.9  Million  _C._Mobile  _K._ 

,  0. .  Servers  _  L.  _ 

_  E.  _  LANs  _M. 

_  F.  _  WAN  Equipment  _  N. 

_  G.  _  Camer  Services  _  0. 

_  H.  _  Intemet/Web/E-Commerce  P.  _ 


4.  $10  Million  to  $24.9  Million 

5  $1  Million  to  $9.9  Million 

6  $100.00  to  $999,999 
7.  $50,000  to  $99,999 
8  Under  $50,000 

9.  None olthe above 


Please  complete  ALL  categories  A-P.) 

Intranet/Extranet 
htemetwrkng  tadrgnxm  seems 
Storage 
Remote  Access 
_  Peripherals  mdidnjAinws 
.  Software 

.  Services/Support  Services 
Security 


A.  CURRENTLY  INVOLVED  IN  PURCHASING  B.  PLAN  TO  PURCHASE 

WIRELESS/MOBILE 
A  B 

Fixed  Wireless  LAN  Equip/Services  incl.  802.1 1 
Wireless/Cell  Phones 
PDAs 
Bluetooth 

Mobile  Data  Equipment/  Services 
Other  Remote/Wireless 


SECURITY 

A  B 

Firewalls 

11.  | _ I  Anti- Virus  Software 

Public  Key  Encryption  (PKI) 
DES  Encryption  Tools 
Authentication  Tools 
Intrusion  Detection 
Biometrics 
VPN  Equipment 
VPN  Security 
VPN  Services 
Other  Security 


46. 

Frame  Relay  Equipment 

47. 

Bandwith  Managers/Shaping/QOS  Tools 

48. 

Optical  Networks/Switches 

49. 

_ 

VoiceA/ideo  dver  IP  Gateways 

50. 

Modems/Cable  Modems 

51. 

_ 

xDSL  Products 

52. 

__ 

Diagnostic  Test  Equipment 

53. 

_ 

DSUs/CSUs 

54. 

PBXs 

55. 

Public  Network  Equipment 

56. 

_ 

Call  Center  Tools 

57. 

_ 

Video  Conferencing  Gear 

58. 

_ 

ISDN  Equipment/Services 

59. 

Other  WAN  Equipment/Services 

Ja  ■  Whal  is  the  total  number  of  sites  for  which  you  have  purchase  influence? 

(check  QN£  only) 


1.[DlOO+  2.  □  50  to  99  3.D20to49  4.dl0to19  5.D2to9  6.(Hl  7.DNone 


What  is  the  total  number  of  Servers/Clients  installed/planned  at  your  location/in  your  entire 
organization?  (check  ONE  box  in  each  column) 


At  Location 


SERVERS 


Entire  Org. 


5  _ 


At  Location  CLIENTS  Entire  Org. 


A 

B 

C 

D 

i. 

50,000+ 

1. 

50,000+ 

2. 

10.000  to  49.999 

2. 

10,000  to  49,999 

3. 

1,000  to  9.999 

3. 

1,000  to  9,999 

4. 

100to999 

4. 

100  to  999 

5. 

50  to  99 

5. 

50  to  99 

6. 

10  to  49 

6. 

1 0  to  49 

7. 

1  to  9 

7. 

1  to  9 

8. 

None 

8. 

None 

Fast  Ethernet 
Gigabit  Ethernet 
Layer  3-7  Switche 
ATM  Switches 
Routers 


Storage  Backup  {Optical.  Disk.  Tape.  RAID) 
Disaster  Recovery/Business  Continuity 
Storage  Resource  Management 
Network  Test/Diagnostic  Tools/Analyzers 
Uninterruptible  Power  Supplies  (UPS) 
Network  Interface  Cards  (NlCs.  PCMCIA) 
Hubs/Intelligent  Hubs/Stackable  Hubs 
Cables,  Connectors,  Baiuns 
Wiring/Fiber  Systems 
Net  Management  Systems 
Voice  over  IP  (VoIP)  Tools 
Other  LAN/Intemetworking 


CARRIER  SERVICES 
A  B 

Internet  Access  Service/ISP 
Private  Lines 
Frame  Relay  Services 
ADSL/DSL 
T-1/T-3  Services 
ATM  Services 
Managed  Services 
LAN-Extension  Services 
OC-3/OC-12 
Wavelength  Services 
Other  Carrier  Services 

A  B 

None  of  the  above  (1-70)  IZZI 71.  CZ1 


60. 

61. 

62. 

63. 

64. 

65. 

66. 

67. 

68. 

69. 

_ 

70. 

•  ^  Please  indicate  the  Systems/Peripherals/Software/Applications/Business  Services 
that  you  are  currently  involved  in  purchasing  or  plan  to  purchase,  (check  all  that  apply) 


Whal  is  your  scope  and  involvement  in  purchasing  decisions  for  network  products 
and  services  for  your  enterprise? 


_ ionM 

Corporate/Enterprise 

1 .  u_:  Entire  Enterprise/Multiple  Enterprises 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 
SYSTEMS/PERIPHERALS 

4  n  A  B 


*  If 

2.  (_  Multinational  Enterprise 

3.  Division/Multiple  Divisions 

4.  !_j  Department 

5.  □  None 


01. 

B.  INVOLVEMENT  (check  ALL  that  apply) 

02. 

03. 

1. 

Create  Network/IT  Strategy 

04. 

2. 

Create  Short  List 

05. 

3. 

Recommend/Specify  Brand 

06. 

4. 

Authorize/Approve  Purchase 

07. 

5. 

Evaluate  Products/Services 

08. 

6. 

Determine  the  Need 

09. 

7. 

None 

10. 

Laptops 

Desktops 

Intel-based  Servers 

Rise-based  Servers 

Applications  Servers 

Blade  Servers 

Print/Fax/Video  Servers 

Remote  Access  Servers 

Mid-range  Systems  (including  Workstations) 


11. 

_ 

12. 

_ 

13. 

_ 

14. 

_ 

15. 

12. _  Network  Copiers/Printers  (hybrids) 

Enclosures/Racks/Furniture 
KVM  Switches 

Other  Computers/Peripherals 

SOFTWARE/ APPLICATIONS 

A  B 


Web  Services 

Desktop/Server  Operating  Systems 
Network/Systems  Management 


{Question  #9  -  Continued) 
A  B 

_ 19. 

_ 20. 


R603A 


_21._ 
Z22.-+ 

23. 

24.  _ 

_ 1 25. , _ 

26.  _ 

27.  _ 

28.  _ 

29.  _ 

30.  _ 
U31.L 


Application  Management 
SLA  Management 
Directory  Services 
E-MailAJnified  Messaging 
Groupware 

Database  Management  Systems 
Customer  &  Supplier  Resotxce  Mgmt  ffktCfW 
Enterprise  Resource  Planning  (ERA) 

XML  Tools 

Desktop  Videoconferencing 
Middleware 

Data  WarahousmgBusiness  Analytics/EIS 
Enterprise  Application  Integration  (EAl) 


B32.  _  Applications  Development  Tools 
33. .  Other  Softwana'Appiications 

BUSINESS  SERVICES 

A  B 

ASP/MSP/SSP  Services 

35. _ Systems  Integratiorv/Consulting 

Education/Training  Services 
Other  Services 

A  B 

None  of  the  above  (1-37)  38. 


_ 

34. 

_ 

35. 

_ 

36. 

_ 

37. 

m 


•i  Please  indicate  the  platforms  that  are  currently  installed/planned,  check  au,  thatappM 


A.  CURRENTLY  INSTALLED 


NETWORK  PROTOCOLS 

A  B 

TCP/IP  v4 


NFS 


01. 

02. 

03 

04 

05. 

06. 

07. 

LAN/WAN 

A 

B 

08. 

09. 

10. 

11. 

_ 

12. 

_ 

13. 

14. 

15. 

16. 

17. 

_ 

18. 

_ 

19. 

_ 

20. 

21. 

22. 

_ 

23. 

Switched  Ethernet 


Token  Ring 
Layer  3-7  Switching 


Infiniband 

DSL 


B.  PLAN  TO  PURCHASE 


Frame  Relay 

Private  Line  T1,  T3,  OC-3,  OC-12 
Other  LAN/WAN  Environment 

DESKTOP/SERVER  OPERATING  SYSTEMS 
A  B 

J _ 1 24.  Z  Windows  XP 

I _ j25.  _j  Windows  2000 

26.  I)  Windows  95/98/ME 
_  27.  _  Windows  NT 
_  28.  _  Novell  (NetWare  6.X.  5.X.  4.X.  3.X  2.X) 
_  29.  [Z  Linux 
1 30.  _  UNIX 


_  31. 

_  32. 1 _ _ 


_ ,36. 


SOLARIS 

IBM  MVS/VM/VSE/ESA 


Z33.,_  OS/400 

34.  _  Digital  VMS 

35.  _  Macintosh 


PalmOS 


_ 37.  _  Windows  CE 

J  38.  —  Other  Operating  System 

A  B 

None  of  the  above  (1-38)  CH  39.  [Z 


Which  of  the  following  hardware  platforms  are  installed/planned  in  your  company? 

(check  ALL  that  apply) 


A.  SERVERS 

B.  WO 

01. 

IBM  (Mainframes) 

01. 

02. 

IBM  RS/6000 

02. 

03. 

IBM  AS/400 

03. 

04. 

Digital/Tandem/Compaq 

04. 

05. 

Unisys 

05. 

06. 

H-P 

06. 

07. 

Other 

07. 

B.  WORKSTATIONS/DESKTOPS/LAPTOPS 


Sun  Microsystems 
H-P 


Dell 

Gateway 

Fujitsu 


08.  _|  Toshiba 
09.  _  Sony 

10.  _  Apple 

11.  L_  Other 


m 


What  is  the  estimated  gross  revenue  of  your  entire  company/institution?  icheck  ONE  onM 


B.  PLAN  TO  PURCHASE  L 


01. 

$20  Billion  or  More  05. 

$100  Million  to  $499.9  Million  09.D 

02. 

$1 0  Billion  to  $1 9.9  Billion  06. 

$50  Million  to  $99.9  Million  10.U 

J  03. 

$1  Billion  to  $9.9  Billion  07. 

$10  Million  to  $49.9  Million 

04. 

$500  Million  to  $999.9  Milllon08. 

$5  Million  to  $9.9  Million 

,  $4.9  Million  or  Less 
None  of  the  above 


m 


For  which  areas  outside  of  the  U.S.A.  do  you  have  purchase  influence? 


B  Europe 
Asia 


S0 


South  America 
Australia 


5. _ Middle  East  7.  L  ,  Canada 

6. 1 _ 1  Afnca  8.  □  None 
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Storage:  Picnic  or  panic? 


A  special  report  on  how  to  keep  storage  from  overwhelming  you.  Insert  begins  after  page  28. 
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IETF  speeds 
transfer  of 
huge  files 


Wireless  seen 

passes  iLabs  test 

Exclusive  coverage  of  the  NetWorld+Interop  2002 
InteropNet  Labs  (iLabs)  hot-stage,  focusing  on  ways  to 
keep  vulnerable  traffic  from  being  snatched  out  of  the 

air  by  outside  predators.  Page  51.  • 


'age  10,< 


Network  security  to  take  center  stage. 


BRIAN  GAIDRY 


Industry  not  jumping 
off  InfiniBand-wagon 


■  BY  DENI  CONNOR 

Don’t  write  off  InfiniBand  just 
yet,  experts  say  as  momentum  be¬ 
hind  the  high-speed  bus  transport 
has  merely  slowed,  not  stalled. 

Despite  recent  pullbacks  by 
Hewlett-Packard,  Intel  and  Micro¬ 
soft,  those  bullish  on  InfiniBand 
see  promise  in  a  lengthening  line 
up  of  advancements,  including: 

•  Hitachi  and  start-up  Voltaire 
are  planning  to  announce  this 
week  that  Hitachi  will  integrate 
Voltaire’s  InfiniBand  switching 
software  into  its  servers  and 
storage. 


•  IBM  is  expected  to  announce 
as  early  as  next  week  that  its  4x 
(10G  bit/sec)  InfiniBand  silicon  is 

More  than 

$400 

million 

has  been  invested  in 
InfiniBand  start-ups, 
with  Mellanox  topping 
the  list  at  $89  million. 

SOURCE:  INFINIBAND  TRADE  ASSOCIATION 


generally  available.  A  number  of 
vendors,  including  start-ups  Infini- 
con  and  Vieo,  are  readying  to  an¬ 
nounce  their  support  of  IBM’s  In¬ 
finiBand  silicon,  which  will  be 
used  in  switches  and  routers. 

•  IBM,  Legato  Systems  and 
Veritas  Software  intend  to  demon¬ 
strate  their  applications  running 
on  InfiniBand-enabled  server 
clusters  at  next  week’s  Intel  De¬ 
veloper  Forum. 

•  Intel  and  start-up  Mellanox 
Technologies  announced  last 
week  that  they  would  release 
open  source  Linux  drivers  for  the 
high-speed  bus  technology  that 
will  work  with  server  and  work¬ 
station  adapters. 

Moreover,  a  number  of  start-ups 
focusing  on  InfiniBand,  such  as 
DivergeNet  and  Topspin,  are  just 
emerging  from  stealth  mode,  and 
a  few  enterprise-size  organiza¬ 
tions,  such  as  Wells  Fargo  Bank 
and  the  University  of  Washington, 
are  evaluating  the  technology 

See  InfiniBand,  page  15 


■  BY  CAROYLN  DUFFY  MARSAN 

After  five  years  of  research  and 
development,  the  Internet  Engin¬ 
eering  Task  Force  has  completed 
a  framework  to  support  the  distri¬ 
bution  of  massive  files  to  multi¬ 
tudes  of  users. 

The  framework,  designed  to 
make  one-to-many  bulk  data 
communications  on  the  Internet 
or  private  IP  networks  practical, 
already  is  supported  in  products 
that  Siebel  Systems  and  People- 
Soft  use  to  distribute  gigabytes  of 
software  code  between  far-flung 
development  shops.  Other  poten¬ 
tial  enterprise  uses  of  the  frame¬ 
work  include  oil  and  gas  compa¬ 
nies  distributing  seismic  maps  to 


■  BY  JOHN  FONTANA 

Stepped-up  efforts  to  eradicate 
spam  are  creating  collateral  dam¬ 
age  as  network  executives  and 
others  find  that  aggressive  filters 
can  block  receipt  of  legitimate 
mail  and  create  uncertainty  over 
successful  delivery 

Antispam  filters  are  a  work  in 
progress,  and  network  profession¬ 
als  must  carefully  fine-tune  the 


remote  locations,  global  con¬ 
struction  companies  sharing 
technical  documents  among  sub¬ 
contractors  and  IT  shops  backing 
up  distributed  databases  for  dis¬ 
aster-recovery  purposes. 

Network  vendors  that  helped 
develop  the  framework  within 
the  lETF’s  Reliable  Multicast 
Transport  working  group  include 
Cisco,  Microsoft,  Motorola  and 
start-up  Digital  Fountain,  which 
started  shipping  its  products  ear¬ 
lier  this  year. 

“If  you  want  to  distribute  large 
files  to  multiple  recipients,  you 
have  to  think  about  how  you’re 
going  to  do  that  and  how  you’re 
going  to  spare  the  Internet  and 
See  IETF,  page  85 


software  to  ensure  they  don’t 
cripple  confidence  in  the  reliabil¬ 
ity  of  e-mail,  which  has  become 
an  indispensable  business  tool. 

Filters  are  causing  headaches 
for  e-mail  senders,  especially 
those  who  ship  large  volumes 
of  legitimate  mail  such  as  news¬ 
letter  publishers,  who  are  see¬ 
ing  spikes  in  the  number  of 
messages  that  are  filtered  out 
See  Spam,  page  16 


Spam  filters  revealing 
their  darker  side 


WHAT  WINDOWS  DOES 

THE  SUN™  LX50 


INTRODUCING  THE  SUN  LX50  SERVER 
WITH  LINUX. 

Deploying  Linux  no  longer  means  buying  hardware  from  one 
company,  downloading  the  operating  system  from  another, 
adding  middleware  from  a  third  and  hoping  it  all  works 
together.  The  Sun  LX50  server  is  designed  to  work  with 
our  best-of-breed  Web  services  platform,  Sun  ONE,  which 
includes  an  affordable  Java"  2  Enterprise  Edition  (J2EE“) 
application  platform.  It  also  comes  with  Sun  Grid  Engine 
software,  MySQL  database,  Apache  Web  server.  Sun  Streaming 
Server  and  Sun  ONE  Active  Server  Pages,  all  pre-installed. 
And  it's  compatible  with  your  current  custom  and  off-the- 
shelf  Linux  applications.  With  the  new  Sun  LX50  server, 
Linux  has  truly  arrived  in  the  enterprise. 


INTRODUCING  THE  SUN  LX50  SERVER 
WITH  SOLARIS™  OE. 

If  security  and  reliability  concerns  have  kept  you  from  moving 
more  applications  to  lower-cost  hardware,  here’s  your  reward  for 
not  compromising.  Now  you  can  deploy  the  rock-solid  Solaris 
Operating  Environment  at  the  edge  of  your  network  in  a  way 
that  is  affordable  and  reliable.  Engineered  to  operate  on  a  32-bit 
x86  chip,  the  Sun  LX50  server  runs  your  favorite  Solaris  programs 
and  is  compatible  with  leading  open  source  Linux  applications. 
And  it  ships  with  an  affordable  J2EE  application  platform.  Sun 
Grid  Engine  software  and  MySQL  database.  Finally,  someone  is 
delivering  the  industry’s  best  UNIX®  on  both  entry-level  x86 
and  robust  SPARC®  platforms,  so  your  business  can  grow  with 
fewer  growing  pains.  That  someone,  of  course,  is  Sun. 


©200;  Sun  Microsystems.  Inc  All  rights  reserved  Sun.  Sun  Microsystems,  the  Sun  logo.  Solaris,  lava  and  |2EE  are  trademarks  or  registered  trademarks  of  Sun  Microsystems.  Inc.  in  the  United  States  and  other  countries.  All  SPARC 
trademarks  are  used  under  license  and  are  trademarks  or  registered  trademarks  of  SPARC  International.  Inc.  in  the  United  States  and  other  countries.  Products  bearing  SPARC  trademarks  are  based  on  an  architecture  developed 
by  Sun  Microsystems.  Inc  UNIX  is  a  registered  trademark  in  the  United  States  and  other  countries,  exclusively  licensed  through  X/Open  Company.  Ltd. 


for  THE  IT  WORLD, 
SERVER  undoes. 


Imagine  running  a  firewall/VPN  application  on  a  secure  platform.  Or  e-mailing  vital  business  contacts 
on  a  virus-free  platform.  Or  streaming  media  on  a  reliable  platform.  (No.  we  mean  really  reliable.)  Now 
you  can.  The  Sun™  LX50  server,  based  on  a  32-bit  x86  platform,  gives  you  the  option  of  running  either 
the  rock-solid  Solaris "  Operating  Environment  or  a  standard  distribution  of  Linux,  for  your  critical-edge 
applications.  It's  a  remarkably  affordable  way  to  avoid  Microsoft  migraines,  as  well  as  those  costly  recurring 
software  licensing  fees.  At  just  $2,793,  the  Sun  LX30  server  comes  complete  with  a  totally  integrated 
software  stack  and  key  middleware  infrastructure,  and  -  for  the  first  time  -  round-the-clock,  mission-critical 
support,  making  it  the  most  cost-effective  solution  for  deploying  edge  applications  like  Web  serving,  e-mail 
and  collaboration.  Two  cost-effective,  scalable  options  to  Windows.  And  that  beats  two  aspirin  any  day. 


I 


To  buy  an  integrated,  enterprise-class  system  starting  at  $2,795, 
visit  www.sun.com/lx50server. 


If  you  had  BrightStor  ARCserve  Backup,  you  wouldn't  need  this. 

Worried  that  your  current  backup  software  isn't  going  to  be  there  when  you  need  it  most?  It's  time  to  consider  BrightStor"’ 
ARCserve'  Backup,  the  industry  leader  in  backup  and  data  protection.  Right  now  is  the  best  time  to  make  your  decision  to  change 

with  the  BrightStor  ARCserve  Backup  Competitive  Replacement  Promotion.  For  as  little  as  $495, 
you  can  get  a  complete  suite  of  industry-leading  backup  and  restore  technology.  Or  choose  the 
$995  Deluxe  Package  including  the  Disaster  Recovery  Option,  Open  File  Protection,  Client 
Agents,  24  x  7  Technical  Support,  Upgrade  Protection  and  more  valued  at  up  to  $5,800.  Of 
course,  BrightStor  ARCserve  Backup  isn't  just  a  great  deal.  It's  also  a  great  product.  And  it's  part 
of  the  most  comprehensive  family  of  storage  management  solutions,  backed  by  the  company  that  protects  99%  of  the  Fortune  500.' 
Contact  us  today  to  experience  BrightStor  ARCserve  Backup.  And  get  the  peace  of  mind  you  just  can't  get  from  anywhere  else. 

ca.com/arcserve/replace  1-866-480-8903  Promo  Code  1029 


$495  $995 

Complete  Suite  i  Deluxe  Package 

BrightStor  ARCserve  Backup 
Competitive  Replacement  Promotion 


BrightStor  ARCserve  Backup 


Computer  Associates™ 


Promutionol  o Her  is  valid  in  the  continental  U  S.  and  Canoda  between  June  10,  2002  and  September  30,  2002.  User  must  provide  proof  c4  preexisting  competitive  storage  software  to  purchase  promotional  competitive  replacement 
SKUs  The  oboe  amounts  are  m  U  S  dollars  CA  resents  the  right  to  alter,  amend,  cancel  or  extend  this  promotion  at  any  time,  without  notice  All  decisions  by  CA  are  final.  \fod  where  prohibited  by  law,  see  website  tor  complete  detots 

C  2002  Computer  Associates  International  Inc  (CA)  All  rights  reserved. 


NetworkWorid 


News 


■  8  Microsoft  patching  major  hole  in  Windows  cryptography  API. 

■  8  Solaris  users  put  pressure  on  Sun. 

■  10  Security  to  find  spotlight  at  NetWorld+Interop. 

■  10  Intel  sells  off  LANDesk  products  to  new  company. 

■  12  Equant  courts  video  users. 

■  12  CRM  vendors  SAP,  Siebel  tackle  implementation,  integration  woes. 

■  12  IT  spending  still  in  check,  survey  says. 

■  18  Study:  Bluetooth  security  should  raise  red  flags. 

■  84  DSL  providers  beginning  to  broaden  offerings. 

■  84  Cisco  warns  of  VPN  vulnerability. 


Infrastructure 

■  21  Net  storage  options  grow. 

■  21  Route  control  delivers  key 
business. 

■  22  Dave  Kearns:  The  name 
game,  Caldera  style. 

NetWorker 

■  25  HomePlug  units  easy  to  use 
but  slow. 

Enterprise 

Applications 

■  29  Voice  systems  go  for  a  ride. 

■  29  Start-up  preps  Web 
optimization  service. 

■  30  IntruVert  inspects  high-speed 
IP  traffic. 

■  30  Microsoft  adds  wireless 
notification  services. 

■  32  Scott  Bradner:  A  happy 
geek. 

■  34  Special  Focus: 

Applications:  A  look  at  what's 
new  in  call  center  software 
implementation. 

Service  Providers 

■  37  AT&T  lands  contract  to  host 
major  federal  Web  portal. 

■  37  RBOC  struggles  likely  to  stall 
rollouts  and  hurt  service. 

■  38  Open  source  group  releases 
telephony  services  platform. 

■  38  Johna  Till  Johnson: 

Rekindling  the  thrill  of  networking. 


The  Edge 

■  41  Hewlett-Packard  exec  talks 
about  company's  heightened  interest 
in  providers. 

■  41  Telecom  sales  still  hurting. 

■  42  Marconi  revamps  itself. 

■  42  Polaris  Networks  announces 
Optical  Metro  Switch. 

Technology  Update 

■  45  ISCSI  delivers  storage  over 
Ethernet. 

■  45  Steve  Blass:  Ask  Dr. 

Internet. 

■  46  Mark  Gibbs:  Cookie 
cookery. 

■  46  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 

■  48  Editorial:  The  VON 

Showdown  roster. 

■  49  Jeff  Kaplan:  Goodbye, 
independent  consultants? 

■  49  Linda  Musthaler: 

Readers  love  their  NetWare. 

■  86  Backspin:  Systems  for 
megalomaniacs. 

■  86  ’Net  Buzz:  The  good 
news  a  year  after  Sept.  11. 

Management 

■  65  Storage  specialists:  Two  IT 
executives  share  why  they  pursued 
storage-area  certification  programs. 


Features 

iLabs  team  impressed 
with  802.1 X 
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******  *  • 


Labs 


Volunteers  gathered  at  a 
warehouse  in  California 
last  month  to  build  the 
largest  public  demonstra¬ 
tion  of  802.1X  wireless 

security,  Network  World  Test  Alliance  member  Joel  Snyder 
was  part  of  the  NetWorld+Interop  iLabs  team  and  reports 
that  802.1X  lived  up  to  its  billing  as  a  way  to  protect  your 
wireless  traffic  from  predators. 
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N+l  breaking  news 

Stay  on  top  of  the  latest  happenings  from  Atlanta  with  our  breaking 
news  page.  Also,  our  reporters  will  offer  you  their  take  on  the  show 
via  their  Interop  Weblog. 

DocFinder:  2141 

Switching  files 

In  this  online-exclusive  part  of  our  special  report,  "Storage:  Picnic  or 
Panic?"  technologist  Barry  Flynn  shares  his  thoughts  on  the  future  of 
distributed  file  systems. 
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Is  there  a  future  in  networking  careers? 

Can  you  make  a  career  out  of  networking  these  days?  What  would  you 
advise  those  considering  the  field? 
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VoIP  training  comes  to  you 

Looking  for  a  cost-effective  way  to  train  your  team?  With  equipment  pro¬ 
vided  by  Avaya,  NetSmart  s  on-site  VoIP  training  is  the  perfect  way  to 
educate  your  staff  on  the  technology  behind  the  merging  of  voice  and 
data  —  without  leaving  the  office.  Sign  up  today.  DocFinder:  9945 
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Good  intranets  take  time 

Fusion  Executive  Editor  Adam  Gaffin  passes  along  a  Web 
usability  report  on  the  10  best  intranets  of  all  time,  along 
with  one  expert's  thoughts  on  what  makes  a  useful  intranet. 
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Slow  NT  4  apps 

Columnist  Ron  Nutter  helps  a  user  who  wants  to  know  why 
applications  on  his  Windows  NT  4  server  and  workstation  are 
slowing  to  a  crawl. 
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The  end  of  telecom 

Columnist  Daniel  Briere  says  service  providers  either  need  to 
change  their  ways  or  go  the  way  of  the  dinosaur 
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Calling  domain  names.  The  Internet  Corporation  for 
Assigned  Names  and  Numbers,  the  group  that  oversees  the  Internet 
addressing  system,  last  week  threatened  to  strip  VeriSign  of  its  ability 
to  sell  .com  domain  names  if  the  registrar  doesn’t  clean  up  the  public 
database  of  who  owns  which  Web  sites.  In  its  statement,  ICANN  cited 
this  example:  "Despite  repeated  notifications  over  the  past  18  months, 
VeriSign  Registrar  has  failed  to  correct  a  Whois  entry  that  shows  a 
domain  name  registered  to  ‘Toto’,  with  an  address  'the  yellow  brick  road, 
Oz,  KS,' "  VeriSign  could  not  be  reached  for  comment. 


Return  of  the  Ravens?  We  don’t  really  know  if  there  is 

any  connection  between  the  speed  of  an  NFL  team's  Web  site  and  its  chances 
for  winning  the  next  Super  Bowl,  but  if  there  is,  you  might  want  to  consider 
the  Baltimore  Ravens  as  your  pick  in  the  office  pool.  According  to  Internet 
quality  measurement  company  Gomez,  the  Ravens  boast  a  league  best 
2.8-second  response  time  on  their  Web  site.  The  worst? 

Washington,  at  28.5  seconds. 


Internet  miscreants.  What’s  the  top  reason  for  workplace 
discipline  in  the  U.K.?  Internet  and  e-mail  abuse,  according  to  a  survey 
of  212  companies  by  London  law  firm  Klegal  and  Personnel  Today 
magazine.  During  the  past  12  months  358  cases  of  e-mail  and  Internet 
abuse  were  cited  vs.  326  cases  for  dishonesty,  violence,  and  health  and 
safety  breaches,  the  survey  says. 


■  Microsoft  last  week  announced  storage  management  soft¬ 
ware  that  it  says  will  let  its  Windows  2000  Server  and  Windows 


Microsoft  touts  storage  technology 
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.Net  Server  2003  operate  more  efficiently  with  storage-area  net¬ 
works  and  network-attached  storage.  Storage  vendors  can  use 
Microsoft’s  Multipath  I/O  to  offer  multiple  paths  between 
servers  and  storage  devices,  allowing  improved  load  balancing 
and  fault  tolerance.  Storage  vendors  such  as  Qlogic,  Emulex, 
Hewlett-Packard  and  Network  Appliance  are  expected  to  inte¬ 
grate  it  into  products.  The  company  has  indicated  that  multi- 
path  I/O  will  be  only  one  of  several  storage  enhancements  it 


to  come  up  with  a  new  system  for  line-sharing. 

IBM  snaps  up  Access360 

■  IBM  last  week  announced  a  deal  to  buy  Irvine,  Calif. -based  provisioning  software 
firm  Access360  for  an  undisclosed  price.  Access360  and  its  128  employees  will 
become  part  of  the  IBM  Tivoli  division,  which  has  immediate  plans  to  market 
enRole,  the  Access360  product  that  automates  control  over  access  rights  manage¬ 
ment  and  password  self-service.  Long  term,  IBM  Tivoli  plans  to  integrate  enRole  into 
the  IBM  network-management  suite  and  design  new  products  around  enRole,  which 
is  now  used  by  about  30  companies. 


will  make  to  .Net  Server  2003.  Others  include  support  for  iSCSI, 
improved  connectivity  to  Fibre  Channel  networks,  and  snap¬ 
shot  and  point-in-time  copy  capability. 

Appeals  court  still  opposes 
existing  line  sharing  rules 

■  The  U.S.  Court  of  Appeal  for  the  District  of  Columbia  this  week  upheld  its  earlier 
decision  that  incumbent  local  exchange  carriers  should  not  be  forced  to  share  lines 
with  broadband  competitors.  Line-sharing  occurs  when  an  ILEC  provides  voice  ser¬ 
vice  and  a  competitive  carriers  provides  a  high-speed  data  service  over  the  same 
local  loop. 

After  the  court  made  its  original  ruling  in  May,  the  Federal  Communications 
Commission  had  asked  the  court  to  reconsider  its  ruling. The  court  did  not  change 
its  decision  though,  saying  the  FCC  did  not  take  into  account  the  cost  ILECs  pay  for 
equipment  that  must  be  shared  with  competitors.  The  FCC  has  until  January,  2003 


RIAA  wins  round  vs.  Aimster 

■  Record  companies  that  are  members  of  the  Recording  Industry  Association  of 
America  have  been  granted  a  preliminary  injunction  against  the  Aimster  file-trading 
software  service,  which  has  been  judged  to  have  infringed  the  record  companies’ 
copyright.  The  injunction  determines  that  companies  and  individuals  will  not  be 
allowed  to  build  a  business  on  music  they  do  not  own  and  that  they  will  be  held 
responsible  for  their  actions,  the  RIAA  said.  The  court  documents  refer  to  Aimster, 
but  the  service  has  been  known  as  Madster  since  February,  when  the  Aimster 
domain  name  was  assigned  to  AOL.  The  injunction  was  granted  in  the  Northern 
Illinois  District  Court  by  Judge  Marvin  Aspen,  who  described  Aimster  as  “a  service 
whose  very  raison  d’etre  appears  to  be  the  facilitation  of  and  contribution  to  copy¬ 
right  infringement  on  a  massive  scale.”  RIAA  is  best  known  for  its  attack  on  the  pio¬ 
neering  Napster  file-sharing  service,  which  it  forced  to  close  after  a  series  of  similar 
court  cases. 

Covad,  AOL  strike  deal  over  DSL 


COMPENDIUM 

Fake  wireless  access  points 

Gna  computer  consultant  has  come  up  with  a  novel  way  to  protect  wireless  LANs  from 
hackers.  L mux  software  that  generates  thousands  of  bogus  wireless  access  points  to 
confuse  people  who  would  glom  onto  your  net 

Get  more  details  and  other  vital  stuff  at:  www.nwfusion.com, 
DocFinder:  2149. 


■  Covad  Communications  is  granting  AOL  access  to  its  DSL  services  over  its  U.S.  net¬ 
work  as  part  of  a  five-year  wholesale  agreement,  the  company  announced  last  week. 
AOL  will  have  access  to  a  network  that  currently  covers  more  than  40  million  U.S. 
homes  and  businesses,  Covad  said.  The  company  estimates  its  network  reaches 
approximately  40%  to  45%  of  all  U.S.  homes  and  businesses.  As  part  of  the  agree¬ 
ment,  for  which  terms  were  not  disclosed,  AOL  has  been  issued  warrants  by  the 
Santa  Clara  company,  giving  it  the  option  to  purchase  a  total  of  3.5  million  shares  of 
Covad  common  stock,  with  an  estimated  value  of  $3.5  million,  Covad  said.  Covad 
emerged  from  bankruptcy  last  year  when  the  U.S.  Bankruptcy  Court  for  the  District 
of  Delaware  approved  the  company’s  reorganization  plan. 


So  many  network  applications. 
So  little  throughput. 

It’s  time  for  Gigabit  to  the  desktop. 


The  surge  in  network  applications  has  caused  bottlenecks  on  desktops  everywhere.  The  solution?  Help  your 
organization  tackle  all  those  network  backups,  remote  software  distributions  and  massive  file  downloads  by 
providing  an  equally  massive  increase  in  throughput.  With  the  Intel®  PRO/IOOO  MT  Desktop  Connection, 
you’ll  benefit  from  10  times  the  throughput.  Other  advantages:  a  Gigabit  connection  works  on  an  existing 
10/100  Mbps  Cat-5  network,  and  will  seamlessly  ramp  up  to  1000  Mbps.  When  this  Gigabit  connection 
is  combined  with  the  Intel®  Pentium®  4  processor,  studies  have  demonstrated  a  significant  boost  in  desktop 
performance.  Intel,  the  leader  in  desktop  connections,  makes  multi-tasking  less  of  a  task  —  cost-effectively 
and  without  any  need  for  expensive  rewiring.  Intel®  PRO  Network  Connections.  The  intelligent  way  to  connect. 


For  a  trial  kit,  product  and  test  information:  www.intel.com/go/desktopgig 
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Microsoft  patching  hole  in  CryptoAPI 


Chain  of  trust 

Microsoft  is  patching  a  flaw  in  its  cryptography  software 
that  lets  a  hacker  use  a  bogus  digital  certificate  to  intercept 
secure  communication  or  forge  digital  signatures. 


© 
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certificate 
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certificate 
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O  End  user’s  software, 
such  as  Internet 
Explorer  or  Outlook, 
needs  to  check  validity 
of  digital  certificate  for 
services  such  as  a 
Secure  Sockets  Layer 
transmission  or  a  digital 
signature  on  an  e-mail. 


©  In  a  standard  validation 
check,  if  a  certificate 
issued  by  a  middle 
certificate  authority  is 
used  the  software  checks 
to  ensure  its  issuer  has 
the  authorization  to  issue 
its  own  certificates  and 
that  the  root  certificate 
authority  is  trusted. 


©With  Microsoft’s  flawed 
CryptoAPI,  the  Windows 
software  never  checks  the 
authorization,  or  constraints,  on 
the  middle  certificate  authority 
certificate.  Therefore  it  lets 
anyone  with  a  root  server 
certificate  create  a  middle 
certificate  authority  certificate 
and  pass  it  off  as  valid. 


■  BY  JOHN  FONTANA 

REDMOND,  WASH.  —  Microsoft 
has  a  fundamental  flaw  in  its 
security  infrastructure,  and  net¬ 
work  executives  who  want  to  run 
applications  that  use  digital  cer¬ 
tificates  or  deploy  cryptography 
software  that  runs  on  Windows 
will  need  to  patch  the  operating 
system  quickly 

An  independent  researcher  dis¬ 
covered  the  flaw  early  last  month 
in  the  Windows  cryptography  API 
(CryptoAPI),  which  provides  the 
operating  system’s  framework 
that  programs  use  to  obtain  cryp¬ 
tographic  services.The  CryptoAPI 
supports  encryption,  decryption 
and  digital  certificate  handling. 

The  problem  is  that  the  Crypto¬ 
API  does  not  check  a  parameter, 
called  Basic  Constraints;  within  a 
digital  certificate  that  is  used 
to  validate  digital  certificate 
chains,  the  hierarchy  of  trust  that 
cascades  from  top-level  certifi¬ 
cate  authorities  such  as  VeriSign. 
That  means  hackers  can  create 
bogus  certificates  and  use  them 
as  trusted  certificates  without 


being  detected  by  Microsoft  soft¬ 
ware,  which  would  let  them 
hijack  secure  communications 
or  forge  digital  signatures. 

Researcher  Mike  Benham  al¬ 
ready  has  proven  the  flaw  affects 
Microsoft's  Internet  Explorer  and 
Outlook.  It  also  has  ramifications 
for  users  of  the  IP  Security 
(IPSec)  standard  and  Microsoft’s 
Authenticode,  which  is  used  to 
validate  as  a  trusted  party  anyone 
who  provides  executable  code 
that  a  user  might  download  and 
install.  Microsoft’s  BizTalk  server 
also  relies  on  the  CryptoAPI  to 
handle  its  security  services. 

Vulnerability  to  the  flaw  extends 
to  any  application  or  third-party 
product,  such  as  smart  card  ser¬ 
vices,  that  plugs  into  the  Crypto¬ 
API  and  relies  on  it  to  validate  the 
chains  of  trust  that  issuers  of  digi¬ 
tal  certificates  create. 

“The  big  problem  is  that  you 
have  a  fundamental  flaw  in  a  crit¬ 
ical  piece  of  infrastructure,”  says 
Russ  Cooper,  editor  of  the  NT 
BugTraq  Web  site  and  the  sur¬ 
geon  general  forTruSecure.“If  Joe 
Enterprise  relies  on  the  Crypto¬ 


API  to  handle  digital  certificates 
for  [Secure  Sockets  Layer], 
[Secure/Multipurpose  Internet 
Mail  Extensions],  Authenticode, 
Active  X  controls  or  Active  Di¬ 
rectory  using  IPSec  and  digital 
certificates,  then  in  order  for  him 


to  trust  those  systems  he  needs  to 
patch  those  systems.” 

Cooper  says  he  doesn’t  per¬ 
ceive  an  imminent  threat  but 
that  the  potential  severity  of  the 
problem  lies  in  the  fact  that  digi¬ 
tal  certificates  are  becoming 


Solaris  users  put  pressure  on  Sun 

Angry  contingent  intensifies  its  lobbying  for  Intel  platform  support. 


■  BY  DENI  CONNOR 

STATE  COLLEGE,  PA.  —  Solaris 
users  last  week  stepped  up  their 
campaign  to  get  Sun  to  make  the 
latest  and  future  versions  of  its 
Unix  operating  system  available 
on  a  range  of  Intel-based  servers. 

The  users  took  out  a  half-page 
ad  in  the  San  Jose  Mercury  News 
titled  “Shame  on  you,  Scott,”  in 
hopes  of  getting  Sun  CEO  Scott 
McNealy  to  respond.  The  1,200- 
member  group  says  McNealy  has 
yet  to  answer  its  pleas,  which 
have  been  issued  in  the  form  of 
letters  to  him  and  members  of 
Sun’s  board. 

Users,  who  have  voiced  their  concerns 
through  groups  called  Save-Solaris-x86.org 
and  the  Secret  Six,  are  fuming  that  Sun  aban¬ 
doned  development  of  Solaris  9  on  Intel  in 
January  They  say  Sun’s  attempt  at  appease¬ 
ment  —  the  bundling  of  Solaris  9  on  a  low- 
end  Intel-based  server  called  the  Cobalt  LX50 
—  just  doesn’t  cut  it. 

“You  get  a  lot  of  free  software  such  as  the 
directory  and  application  server  with  the 
Solaris  Linux  version  of  the  LX50  that  you 
don’t  get  with  the  Solaris  [on  Intel  8]  version," 


says  John  Groenveld, associate  re¬ 
search  engineer  at  Pennsylvania 
State  University  in  State  College. 
He  says  those  extras  are  worth 
about  $3,500. 

“With  the  Solaris  [on  Intel  8] 
version  we  get  only  Solaris,”  says 
Groenveld,  who  uses  Solaris  on 
Intel  for  Web,  Oracle  database, 
firewalls,  e-mail  and  edge  servers. 

“We  want  to  be  able  to  run  the 
same  version  of  Solaris  with  the 
same  functionality  on  our  lap¬ 
tops,  our  $1,000  desktop  PCs,  all 
the  way  up  to  our  million-dollar- 
plus  StarFire  servers,”  Groenveld 
says.  He  says  that  Penn  State 
spends  hundred  of  thousands  of  dollars  on 
Solaris  each  year. 

Another  Solaris  user,  the  Edward  Jones 
Brokerage,  which  has  more  than  7,000  Intel- 
based  servers  running  Solaris,  is  threatening 
to  migrate  to  IBM’s  AIX  if  Sun  doesn’t  listen  to 
its  complaints, sources  say.  So  far  Sun  is  stick¬ 
ing  to  its  guns. 

“We’ve  been  working  with  the  [Solaris  on 
Intel]  community  for  some  time  to  find  origi¬ 
nal  and  creative  ways  to  get  around  this  and 
to  build  a  business  model  that  makes  sense 
from  our  standpoint  and  a  development 


model  that  makes  sense  for  the  community’ 
says  Bill  Moffit,  product  manager  for  Solaris  at 
Sun.“Unfortunately,we  are  a  business  that  has 
fallen  on  some  difficult  times,  so  we  have  to 
make  some  hard  decisions  that  aren’t  going 
to  satisfy  everyone.” 

Sun  soon  is  expected  to  offer  a  product 
called  Solaris  Express,  a  beta  version  of 
Solaris  10  that  will  run  on  any  Sun  SPARC  or 
Intel  server  platform. 

Users  say  this  effort  isn't  enough. 

“The  problem  is  that  Solaris  Express  is  a 
beta  platform  —  there  is  no  upgrade  path  for 
customers  that  are  on  non-Sun  hardware, 
except  to  run  a  beta  version  of  software," says 
Bruce  Riddle, a  Unix  systems  administrator  at 
Agere  Systems  in  Allentown,  Pa. 

“We  are  moving  toward  Linux  on  Intel  in 
some  areas  because  a  Sun  Solaris  offering 
isn’t  there,” says  Riddle, a  member  of  the  Secret 
Six,  a  group  that  has  been  negotiating  with 
Sun  for  a  current  version  of  Solaris  on  Intel. 

Separately  other  vendors  are  exploring  their 
Unix-on-Intel  options.  The  SCO  Group  (for¬ 
merly  Caldera)  is  reported  to  be  revisiting  a 
version  of  Unix  for  Intel  servers  once  attempt¬ 
ed  through  an  effort  called  Project  Monterey. 
Hewlett-Packard,  meanwhile,  is  porting  its  HP- 
UX, Open  VMS  and  NonStop  operating  systems 
to  Intel’s  64-bit  Itanium  platform  * 


Mum's  been  the  word 
from  Sun  CEO  Scott 
McNealy  regarding  user 
pleas  for  new  versions 
of  Solaris  on  Intel  plat¬ 
forms. 


more  prevalent  to  support 
secure  communications. 

Last  week,  Microsoft  began  re¬ 
leasing  patches  for  Windows  98, 
98  Second  Edition,  ME,  NT  4.0,  NT 
4.0  Terminal  Server  Edition,  2000 
and  XP 

“This  chips  away  at  the  founda¬ 
tion  of  security  with  computers," 
says  Doug  Spindler,  project  coor¬ 
dinator  for  Active  Directory  at 
the  Lawrence  Berkeley  National 
Laboratory. 

“I  don’t  see  this  flaw  as  a  major 
blow,  but  you  have  to  take  it  in 
context  with  all  the  others,”  he 
says.  In  the  past  month  Microsoft 
has  issued  almost  a  dozen  secu¬ 
rity  patches  for  software  such  as 
SQL  Server  and  Office. 

Microsoft  acknowledges  it 
made  a  mistake  in  the  develop¬ 
ment  of  the  CryptoAPI,  which  was 
first  used  in  later  editions  of 
Windows  95.  Microsoft  created 
the  proprietary  CryptoAPI  instead 
of  using  the  Generic  Security 
Service  Application  Program  In¬ 
terface  (GSS-API), which  is  an  ac¬ 
cepted  standard.  Microsoft  since 
has  added  support  for  the  Se¬ 
curity  Support  Provider  Interface, 
which  is  similar  to  GSS-API,  to  Win 
2000  and  XP  to  handle  some 
security  tasks,  but  the  CryptoAPI 
remains  an  underlying  service. 

“With  CryptoAPI  we  were  trying 
to  build  in  flexibility  for  nonstan¬ 
dard  certificates,  and  that  is  how 
this  vulnerability  was  created,” 
says  Scott  Culp,  manager  of  the 
Microsoft  Security  Response 
Center.  “It’s  a  classic  flexibility  vs. 
security  issue.” 

But  Culp  says  exploits  of  the 
flaw,  especially  with  Authenti¬ 
code,  are  difficult  and  often  cre¬ 
ate  a  traceroute  back  to  the  of¬ 
fending  party. 

However,  while  experts  say  that 
digital  certificates  issued  by  top- 
level  certificate  authorities  can 
be  traced,  they  often  are  issued  to 
a  company  or  entity  that  distrib¬ 
utes  the  certificate’s  private  key  to 
multiple  users.Those  who  use  the 
private  key  can  be  traced  only  as 
far  back  as  the  company  named 
on  the  certificate. 

“A  certificate  is  a  private  keyand 
a  private  key  can  be  used  by 
many  people,” says  Paul  Hoffman, 
director  of  the  Internet  Mail 
Consortium.“One  rogue  program¬ 
mer  could  use  the  private  key  to 
create  bogus  certificates.” 

Hoffman  says  that  fact  high¬ 
lights  why  people  need  to  safe 
guard  their  private  keys.* 


{ADVANCED  WIRELESS  FOR  THE  ADVANCED 


AND  SAFELY  BEHIND  THE 


Security  is  a  priority  for  all  your  data.  But  never  more  than  when  employees  are  accessing  it  remotely.  The  cogfrcjeflce 
of  knowing  that  all  the  right  files  aren’t  falling  into  the  wrong  hands  isn’t  just  a  luxury.  It's  a 
we  can  help.  QUALCOMM  3G  CDMA  wireless  solutions  can  give  mobile  employees  instant  access  to  company  intranets 
and  servers  while  helping  to  assure  no  unwelcome  guests  make  a  surprise  visit.  And  that’s  a  comforting  thought, 
indeed.  Find  out  how  to  secure  your  corporate  data  no  matter  where  you  are,  visit  www.qualcofnteom/enterprise. 
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Security  to  find  spotlight  at  Interop 


■  BY  PHIL  HOCHMUTH  AND 
TIM  GREENE 

It  seems  only  fitting  that  with 
the  country’s  focus  on  shoring 
up  personal  and  national  de¬ 
fenses  that  this  weeks  Net- 
World+Interop  2002  Atlanta 
show  will  focus  on  network 
security  products. 

A  harvest  of  wares  from  ven¬ 
dors  such  as  Foundry  Networks, 
Funk  Software  and  newcomer 
SaberFile  promise  to  add  authen¬ 
tication  and  security  to  all  areas 
of  corporate  networks. 

Against  a  backdrop  of  eco¬ 
nomic  malaise,  attendance  for 
the  show  is  projected  optimisti¬ 
cally  at  30,000  —  down  from  the 
more  than  50,000  the  show  used 
to  draw.  Several  large  network 


vendors  also  will  be  absent  on 
the  show  floor,  including  Al¬ 
catel,  Avaya,  Cable  &  Wireless, 
Cisco,  Hewlett-Packard,  Intel, 
Network  Associates  and  Nortel. 
Cutbacks  were  given  as  the 
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main  reason  why  many  vendors 
were  skipping  the  fall  event. 
Low  turnout  also  could  be 
blamed  on  the  fact  that  the 
show  falls  on  the  week  of  the 
anniversary  of  Sept.  11. 

But  the  show  must  go  on,  pro¬ 
moters  say,  and  much  of  the  talk 
at  N+l  will  focus  on  the  802. lx 
protocol,  a  method  for  authenti¬ 


cating  network  users  at  Layer  2, 
or  the  data-link  layer,  of  a  net¬ 
work  connection,  which  is  a  hot 
security  topic  in  the  wireless  and 
wired  network  communities. 

The  shows  InteropNet  Labs 
will  feature  a  vendor-neutral 
proving  ground  for  802. lx  tech¬ 
nology  among  wireless  LAN  ven¬ 
dors  (see  related  story,  page  51). 
Also,  lots  of  new  802.1x-based 
gear  will  be  on  display. 

“Wireless  security  has  always 
been  a  grave  concern,  especi¬ 
ally  in  the  retail  environment,” 
says  Kip  Miles,  a  retail  IT  execu¬ 
tive  who  is  attending  N+l  to 
learn  more  about  wireless  LAN 
security  technologies. 

“Right  now,  a  lot  of  the  security 
features  that  come  embedded  in 
[wireless  LAN]  equipment  are 
not  up  to  snuff,”  Miles  says. 

Miles  says  many  application 
vendors  in  his  industry  sell  soft¬ 
ware  that  takes  advantage  of  wire¬ 
less  networks,  but  security  is  often 
an  afterthought.  “It  becomes  a 
chore  for  a  stores  IT  department 
to  wrap  security  around  the  net¬ 
work  or  to  add  a  layer  of  security 
to  that  application.” 

Funk  and  ReefEdge  will  have 
802.1x-based  products  for  wire¬ 
less  LAN  management  and 
security. 

Funk  will  announce  wireless 
LAN  security  and  management 
features  with  upgrades  for  its 
Odyssey  Server  and  Steel-Belted 
Radius  server  software  products. 
Funk  says  its  Odyssey  security 
server  can  be  used  to  add  and 
remove  users  from  a  wireless 
LAN  network,  and  configure 
users’  permissions.The  company 
says  the  802. lx  technology  can 
work  with  hardware  from  wire¬ 
less  gear  vendors. 

ReefEdge  will  have  Version  3.0 
of  its  ReefEdge  Connect  System 
for  managing  wireless  LANs, 
with  support  for  managing  IP 
telephony  users  on  an  802.11- 
based  network.The  software  will 
work  with  Spectralink’s  line  of 
wireless  IP  telephones. 

“Wireless  networks  can  be  just 
as  secure  as  their  wired  counter¬ 
parts,”  says  Craig  Mathias,  princi¬ 
pal  at  the  network  consultancy 
Farpoint  Group,  who  will  give 
several  lectures  on  security  at 
the  show. While  the  technology  is 
becoming  a  buzzword  among 
wireless  security  enthusiasts, 
Mathias  says  the  protocol  can 
help  secure  802.1 1-based  LANs 
and  hard-wired  nets. 

“802. lx  is  emerging  as  an 


important  piece  to  the  security 
puzzle,  but  it’s  just  one  piece,” 
Mathias  says.  Encryption  meth¬ 
ods  such  as  Kerberos  and  VPN 
technologies  also  play  a  role, 
he  adds. 

Along  that  line,  Foundry  will 
roll  out  new  IronWare  switch 
firmware  for  its  line  of  Fastlron 
LAN  boxes  that  will  incorporate 
port-based  802. lx  security.  The 
upgrade  could  let  any  of 
Foundry’s  Fastlron  enterprise 
switches  force  wireless  clients 
to  authenticate  to  a  LAN  port  on 
the  switch  before  gaining 
access  to  the  network. 

The  upgrade  also  includes 
switch  redundancy  and  failover 
features  and  a  media  access 
control-based  security  feature 
that  can  be  used  to  lock  out 
unauthorized  network  PCs  and 
devices. 

Also  on  the  authentication 
front,  Infoblox  will  have  two 


Fear  factor 

85% 

of  273  IT  professionals 
surveyed  by  Network 
World  said  security 
was  a  main  concern 
of  theirs. 


new  appliances  it  says  can  help 
companies  deploy  Remote  Au¬ 
thentication  Dial-In  User  Service 
(RADIUS)  and  Lightweight  Di¬ 
rectory  Access  Protocol  (LDAP) 
servers.  The  company  says  its 
RADIUS  One  server  appliance 
can  plug  into  a  network  and 
simplify  the  deployment  of 
RADIUS  authentication.  The 
new  LDAP  One  appliance  can 
do  the  same  for  integrating 
LDAP  into  a  company 

Securing  servers 

With  recent  news  such  as  the 
Microsoft  Windows  security  vul¬ 
nerabilities  and  SQL  Server 
flaws  posing  security  threats  to 
NT  and  Windows  2000  boxes, 
Shavlik  Technologies  will 
release  a  free  utility  called 
HFNetChkLT.  The  tool  auto¬ 
mates  patch  scans  on  an  unlim¬ 
ited  number  of  machines, 
detects  missing  or  misconfig- 
ured  operating  system  patches, 
pushes  operating  system  patch 
See  Interop,  page  84 
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Intel  sells  ofF  LANDesk 
products  to  new  venture 

■  BY  TOM  KRAZIT 

Intel  last  week  said  it  would  sell  its  LANDesk  family  of  IT  manage¬ 
ment  products  to  The  LANDesk  Acquisition  Corp.,a  new  company  set 
up  by  two  venture  capital  firms. 

LANDesk  products  are  used  to  take  an  inventory  of  PCs  connected 
to  a  LAN,  remotely  manage  desktops  through  one  client  and  roll  out 
software  updates  to  PCs  over  LAN. 

The  new  business  —  formed  by  Vector  Capital  and  vSpring  Capital 
—  will  purchase  the  LANDesk  Management  Suite,  LANDesk  Client 
and  Server  Manager,  and  LANDesk  Asset  Service,  among  other 
products.  Additional  assets  and  intellectual  property  also  will 
be  acquired. 

Intel  will  retain  a  minority  equity  position  in  the  business,  which 
will  be  managed  through  Intel  Capital,  the  chip  giant’s  investment 
division.  Financial  terms  were  not  disclosed. 

Intel  has  been  selling  off  businesses  it  no  longer  considers  key  to 
its  core  semiconductor  manufacturing  trade.  In  the  past  year,  the 
world’s  No.  1  chip  maker  left  the  consumer  products  and  Web  host¬ 
ing  businesses.  It  also  shut  down  its  online  media  broadcasting 
venture. 

Joe  Wang,  formerly  a  vice  president  at  Symantec,  will  be  named 
CEO  of  the  new  company,  which  will  have  its  North  American  head¬ 
quarters  in  the  Salt  Lake  City  area.  John  Sutherland,  who  was  general 
manager  of  the  business  for  Intel,  will  stay  on  as  vice  president  of 
operations. 

About  150  employees  work  for  Intel’s  LANDesk  business  unit  world¬ 
wide.  The  current  management  team  will  be  offered  positions  with 
the  new  company.  Intel  also  plans  to  offer  transition  services  to  exist¬ 
ing  LANDesk  customers  until  the  deal  closes,  which  is  expected  to 
happen  at  the  end  of  this  month. 

Intel  said  during  a  conference  call  presenting  its  second- 

quarter  earnings  in  July  that  it 
would  seek  certain  “business 
divestments”  that  would  help 
reduce  its  operating  costs. 

Krazit  is  a  correspondent  with 
the  IDG  News  Service’s  Boston 
bureau. 
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100%  Dell  performance  and  reliability. 
Up  to  50%  less  than  the  competition 

PowerConnect  Switches...100%  no-brainer. 
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D$tL  PowerConnect  5012 


D*U  PowerConnect  3024 


PowtrCon 


Right  now,  get  $100  off  Dells 
NEW  PowerConnect  Switches. 


Dell  |  Managed  Switches 

PowerConnect™  3024*  Switch 


Scalable,  High-Performance  Managed  Switches 

•  24  Fast  Ethernet  Ports  Plus  2  Built-In  Gigabit*  Uplinks 

•  Up  to  12.8  Gbps  of  Wire-Speed  Switching  Capacity 

•  Stackable  (Supports  up  to  144  FE  Ports  in  a  Stack) 

•  Remote  Access  and  Management  Capabilities 

•  3-Yr  Next  Business  Day  Unit  Replacement1' 

4a  as  low  as  $20/mo..  (46  pints*)  60  Days 

ullMM  Same-As-Cash  for  qualified  customers 

E-VALUE  Code:  12882- S10906 


PowerConnect™  3248*  Switch 


NEW  High-Performance  Enterprise  Class  Managed  Switches 

•  48  Fast  Ethernet  Ports  Plus  2  Built-In  Gigabit*  Uplinks 

•  Multi-Layer  Traffic  Classification  at  Layers  2, 3,  and  4 

•  Advanced  Management  via  Browser  or  Industry-Standard  CLI 

•  3-Yr  Next  Business  Day  Unit  Replacement" 

•  Sale  Price  includes  $100  Discount 

4k  m  m  as  low  as  $40/mo..  (46  pmts*)  60  Days 

d  J  Same-As-Cash  for  qualified  customers 

■  WWW  E-VALUE  Code:  12882- S10913 


PowerConnect™  3048*  Switch 

NEW  Rack-Dense,  High-Performance  Managed  Switches 

•  48  Fast  Ethernet  Ports  Plus  4  Built-In  Gigabit*  Uplinks 

•  Up  to  21.6  Gbps  of  Wire-Speed  Switching  Capacity 

•  Stackable  (Supports  up  to  144  FE  Ports  in  a  Stack) 

•  3-Yr  Next  Business  Day  Unit  Replacement" 

•  Sale  Price  Includes  $100  Discount 

4k  as  low  as  $34/mo..  (46  pruts*)  60  Days 

uJjMM  Same-As-Cash  for  qualified  customers 

I  %3  E-VALUE  Code:  12882-S10911 


PowerConnect™  5224*  Switch 


NEW  High-Performance  All-Gigabit*  Managed  Switches 

•  24  Copper  Gigabit*  Ports  Plus  4  SFP  Fiber  Uplinks 

•  Layer-3  Aware  Class  of  Service  Prioritization 

•  Advanced  Management  via  Browser  or  Industry  Standard  CU 

•  3-Yr  Next  Business  Day  Unit  Replacement" 

•  Sale  Price  Includes  $100  Discount 

m  as  low  as  S68/mo.,  (46  pmts*)  60  Days 
M  Same-As-Cash  for  qualified  customers 

E-VALUE  Code:  12882-S10923 


Managed  switches  you  can  count 
on  to  do  more  than  just  save  money.  Just  what  you'd  expect  from  Dell,  proven  technology 
that  cuts  costs.  So  whether  you're  building  your  first  network  or  expanding  your  existing  one, 
Dell  PowerConnect  managed  switches  can  handle  your  busy  organization  and  help  you  save 
money.  Equipped  with  the  latest  industry-standard  technology,  PowerConnect  switches  are 
highly  interoperable  and  easily  integrate  into  an  existing  network.  They're  scalable  for  future 
growth  and  have  easy-to-use  management  features  to  help  you  improve  network  up-time 
and  security.  PowerConnect  switches  include  Next  Business  Day52  Unit  Replacement  and, 
of  course,  they're  all  backed  with  Dell's  service  and  support.  Choosing  Dell  PowerConnect 
switches  means  you  won't  have  to  sacrifice  performance  for  price.  And  that's  a  concept 
you'll  definitely  want  to  plug  into. 


VALUE 


USE  THE  POWER  OF 
THE  E-VALUE  CODE. 

Match  out  latest  technology 
with  our  latest  prices  Enter  the 
E- VALUE  code  online  or  give  it 
to  your  sales  rep  over  the 
phone  www  dell  com/evalue 


Growing  your  network.  Easy  as 


D0LL 


Visit  www.dell.com/switch  or  call  toll  free  1-800-388-1490. 


Call:  M-F  7a  9p|Sat  8a-5p  CT. 
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Monthly  pavmenr  based  on  48-month  QurckLoan  at  1 2.99%  interest  rale  for  qualified  Small  Business  cusiomers  Your  interest  rale  and  monthly  payment  may  be  same  or  higher,  depending  on  youi  creditworthiness  Minimum  transaction  size  of  $500  require .i  '  •..n  aggregate  f.'  i-v-cei  no  otto  •; 
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IT  spending  in  check 

Budget  growth  modest,  say  two  financial  analyst  firms. 


■  BY  ANN  BEONARZ 

The  results  of  two  user  surveys  conducted  by 
financial  analyst  firms  agree:  IT  spending  growth 
next  year  will  be  modest  at  best. 

SG  Cowen’s  Computer  Industry  User  Survey  re¬ 
leased  last  week  at  the  firm’s  2002  Information 
Technology  User  Survey,  projects 
that  IT  budgets  in  2003  will  be 
3.4%  bigger  than  those  this  year. 

Companies  with  less  than  $250 
million  in  revenue  will  increase 
their  IT  budgets  an  average  of  8%, 
while  companies  with  greater 
than  $250  million  in  revenue  will 
see  only  1.8%  growth. 

“It  is  extremely  clear  that  most  of 
the  recovery  were  looking  at  is 
going  to  be  driven  by  smaller  or¬ 
ganizations,”  said  Richard  Chu,SG 
Cowen  managing  director,  at  the 
Boston  event. 

Meanwhile, the  latest  installment 
of  Morgan  Stanley’s  regular  CIO 
Survey  paints  an  equally  conserv¬ 
ative  picture:  “We  believe  that  soft¬ 
ware  spending  will  continue  to  be 
constrained  through  2002  fol¬ 
lowed  by  a  modest  recovery  in 
2003,”  the  firm  wrote.  “We  believe 
that  overall  tech  spending  should 
lag  the  pace  of  a  general  eco¬ 
nomic  recovery  due  to  cautious  buying  behavior 
and  the  lingering  effects  of  overbuying  in  the  past.” 

Security  and  disaster-recovery  projects  ranked 
most  important  among  SG  Cowen’s  700  survey 
respondents.  “Everything  else  pretty  much  paled  in 
comparison,"  Chu  said. 

The  225  respondents  to  Morgan  Stanley’s  survey 


said  their  top  three  priorities  are  application  integra¬ 
tion, security  software,  and  enterprise  resource  plan¬ 
ning  software  and  upgrades. 

Both  surveys  addressed  the  Linux  phenomenon. 

Linux  continues  to  creep  into  corporations, 
Morgan  Stanley  says.  In  its  survey,  29%  of  respon¬ 
dents  indicated  they  own  Linux  servers;  25%  are  for¬ 
mally  or  informally  considering 
purchasing  them. 

SG  Cowen  says  Linux  is  increas¬ 
ingly  pervasive:  44%  of  its  respon¬ 
dents  currently  run  Linux  plat¬ 
forms,  and  45%  say  they  will  em¬ 
phasize  Linux  more  in  the  future. 

SG  Cowen’s  data  suggests  Linux 
growth  will  be  more  at  the  ex¬ 
pense  of  Unix  than  Windows,  Chu 
said. 

Web  services  seem  to  be  as  inter¬ 
esting  to  SG  Cowen  users  as  Linux. 
Today,  54%  of  respondents  are 
using  Web  services,  and  32%  are 
evaluating  for  application  integra¬ 
tion  or  for  new  applications. 

The  level  of  adoption  of  Web 
services  is  surprisingly  high,  said 
Andrew  Brosseau,  managing 
director  at  SG  Cowen.  The  num¬ 
bers  beg  the  question  of  how 
companies  are  using  Web  ser¬ 
vices,  Brosseau  said. 

Meanwhile,  interest  in  CRM  soft¬ 
ware  has  cooled.  SG  Cowen  found  CRM  is  a  strong 
candidate  for  becoming  “shelfware”  —  meaning  it 
sits  purchased,  but  not  deployed,  at  customer  sites. 
The  CRM  market  grew  fast,  and  vendors  were  selling 
the  software  “at  a  pace  much  faster  than  the  ability 
of  customers  to  absorb  and  deploy  those  seats,”  said 
Rehan  Syed.an  SG  Cowen  managing  director.  ■ 


SAN 


21%j 


Wireless  LAN 


16% 


Applications  integration 


13% 


Spending  plans 

Security  and  disaster 
recovery  topped  the  list  of 
high-priority  IT  projects  in 
SG  Cowen's  2002  user  survey. 

Percentage  of  700  users  who  rated  the  following 
projects  a  high  or  medium/high  priority  (multiple 
responces  allowed). 


Security 


Upgrading  PCs 


27% 


Server  consolidation 


23% 


Storage  consolidation 
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Equant  tunes  VPN  for  video 


■  BY  TIM  GREENE 

Equant  is  introducing  a  man¬ 
aged  VPN  service  designed  to 
reduce  customer  costs  for  inter¬ 
national  videoconferencing. 

Called  Video  for  IP  VPN,  the  ser¬ 
vice  guarantees  minimal  packet 
loss,  which  is  critical  to  the  quali¬ 
ty  of  video  images.  Equant  says 
the  service,  which  runs  over  its 
Multi-protocol  Label  Switching 
(MPLS)  IP  VPN  network,  costs  less 
than  commonly  used  and  ex¬ 
pensive  international  ISDN  links, 
although  the  company  would  not 
provide  figures.  Equant  acknowl¬ 
edges  that  for  videoconferencing 
within  a  country  there  might  be 
no  difference  in  cost  between  its 
service  and  ISDN. 

Many  VPN  providers  offer  voice 
class  of  serv  ice,  but  this  is  the  first 


video-specific  product,  says  Mi¬ 
chael  Suby  senior  analyst  with 
Stratecast  Partners.  “We’ve  seen 
SLAs  enhanced  to  prevent  jitter  to 
accommodate  voice,  and  provid¬ 
ers  have  grouped  voice  and  video 
together  as  real-time  services.” 

Infonet  last  week  introduced  a 
voice  class  of  service  and  pro¬ 
mises  a  video  class  by  year-end. 
Sawis  Communications  says  it 
also  will  introduce  a  video  class 
of  service  by  year-end. 

Equant  recommends  that  pac¬ 
ket  loss  for  video  be  less  than 
0.5%,  and  it  offers  service-level 
agreements  on  the  service,  but 
SLAs  vary  depending  on  where 
the  sites  participating  in  a  video- 
conference  are  located.  Different 
regions  support  different  levels  of 
packet  loss,  the  company  says. 

To  buy  the  service,  customers 


must  purchase  Equant’s  Platinum- 
class  service  ports,  ranging  from 
64K  to  155M  bit/sec,  which  let 
customers  send  video,  voice  and 
three  classes  of  data  over  one 
connection.  The  company  has 
two  lower-performance  port  types 
for  data  called  Gold  and  Silver. 

Pricing  for  the  service  is  based 
on  whether  a  customer  uses  sil¬ 
ver,  gold  or  platinum  ports,  the 
bandwidth  of  the  ports  and 
where  the  sites  are  located. 
International  connections  cost 
more  than  in-country  links.  Setup 
costs  for  the  service  are  about 
$2,000  per  site.  There  is  an  addi¬ 
tional  fee  for  managing  the  ser¬ 
vice,  which  is  based  on  Fblycom 
video  equipment  and  a  Cisco 
router  at  each  customer  site.  Users 
also  must  pay  for  access  lines  to 
an  Equant  point  of  presence.  ■ 


SAP,  Siebel  tout 
their  CRM  wares 


■  BY  ANN  BEDNARZ 

SAP  and  Siebel  Systems  — 
archrivals  in  the  CRM  market  — 
announced  upgrades  to  their  re¬ 
spective  CRM  suites  last  week. 
Both  packages  are  aimed  at  mak¬ 
ing  it  easier  for  users  to  aggregate 
customer  information  scattered 
among  multiple  applications. 

According  to  AMR  Research, 
the  driving  force  behind  CRM 
adoption  is  efficiency  Siebel  is 
taking  a  stab  at  improving  pro¬ 
ductivity  through  automated  bus¬ 
iness  processes,  while  SAP  is  em¬ 
phasizing  portal  access. 

In  Version  7.5  of  its  suite,  Siebel 
embedded  dozens  of  business 

CRM  incentives 

Users  most  often  invest  in 
CRM  software  to  improve 
efficiencies,  AMR  Research 
found  in  a  survey  of  509  U.S. 
companies. 


■  Productivity,  efficiency 

■  Competitive  advantage 

■  Customer  demands 

■  Increase  revenue 

■  Cost  reduction 

process  templates  that  users  can 
adjust  through  configuration  set¬ 
tings,  rather  than  resorting  to  cus¬ 
tom  coding.  Each  business  pro¬ 
cess  accomplishes  a  specific  task 
by  knitting  together  what  previ¬ 
ously  required  separate  steps 
to  execute. 

Some  examples  of  Siebel’s  pre¬ 
packaged  templates  are  formu¬ 
lary  management  for  pharma¬ 
ceuticals,  and  trade  promotions 
and  funds  management  for  con¬ 
sumer  goods  companies. 

Also  new  to  Siebel  7.5  is  Uni¬ 
versal  Customer  Master,  which 
collects  data  from  multiple  busi¬ 
ness  units  and  disparate  systems 
to  create  one  repository  of  cus¬ 
tomer  information. 

SAP’s  latest  data  integration 
efforts  center  around  portals. 


The  German  software  maker 
launched  mySAP  CRM  3.1  last 
week  at  Sapphire  ’02,  its  user 
conference  in  Lisbon,  Portugal. 

The  release  more  tightly  ties  in 
SAP’s  portal  technology  — 
gained  in  part  through  SAP’s  2001 
acquisition  of  TopTier  —  to  pro¬ 
vide  access  to  business  data  con¬ 
tained  in  back-end  systems.  Com¬ 
panies  can  personalize  content 
culled  from  different  sources  de¬ 
pending  on  users’  roles.  The  CRM 
release  also  includes  a  new  part¬ 
ner  portal  and  a  commissions- 
management  tool. 

Embedding  its  portal  frame¬ 
work  in  the  CRM  package 
makes  sense  for  SAP  because 
many  of  its  core  CRM  customers 
are  engaged  in  business-to-busi- 
ness  transactions,  says  Kevin 
Scott,  senior  analyst  at  AMR 
Research. 

“This  entails  much  more  open¬ 
ing  up  of  the  back  office  than  it 
would  in  a  [business-to-con- 
sumer]  environment, ’’Scott  says. 

SAP  also  launched  its  Collab¬ 
orative  Master  Data  Manage¬ 
ment  product,  which  is  de¬ 
signed  to  integrate  data  from 
multiple  systems. 

Siebel  and  SAP  also  are  trying 
to  make  it  easier  for  customers 
to  deploy  their  software.  CRM  is 
notoriously  complex,  and  failure 
rates  hover  well  above  50%,  ac¬ 
cording  to  analysts. 

“We’ve  got  an  economy  that  is 
very  unforgiving  right  now;”  says 
Denis  Pombriant,  vice  president 
and  managing  director  of  Aber¬ 
deen  Group’s  CRM  practice. 
“Vendors  are  recognizing  that 
they  really  have  to  throw  strikes, 
and  they  have  to  make  sure  that 
every  deal  is  a  success.” 

Siebel  has  done  a  good  job  of 
articulating  a  methodology  for 
bringing  its  applications  live, 
Pombriant  says. 

For  its  part, SAP  earlier  this  year 
launched  SAP  Solution 
Manager,  a  platform  that  inte¬ 
grates  content,  tools  and 
methodologies  for  implement¬ 
ing,  operating  and  upgrading 
mySAP  products.  ■ 
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Billions  watched  the  FIFA  World  Cup™  as  the  vital  voice 
and  data  from  the  world's  largest  sporting  event  was  sent 
over  one  of  the  world’s  largest  converged  networks,  designed, 
built  and  maintained  by  Avaya.  Typically  a  12-month  project,  it 
was  completed  in  just  four,  and  saved  hundreds  of  thousands  of 
dollars  in  costs.  Our  IP  Telephony  solutions  handled  close  to  100,000 
IP  phone  calls  per  day  and  peak  data  traffic  four  times  that  of  a 
typical  FORTUNE  500 ®  company.  Working  with  international  partners 
and  20  venues  in  two  countries,  Avaya,  a  global  leader  in  voice  and  data 
networks,  delivered  a  practically  flawless  performance.  Utilizing  the  expertise 
of  our  Global  Services  organization  and  patented  Avaya  EXPERT  SystemsSM 
diagnostic  tools,  99.999%  of  packets  were  transmitted  securely  and 
reliably  —  with  virtually  zero  downtime.  See  what  Avaya  can  do  for  your  business. 
For  a  case  study  of  the  FIFA  World  Cup™  network,  visit  avaya.com/nowtwo 


Avaya  scores  with  one  of  the  world's 
largest  IP  Telephony  networks. 
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With  Avaya,  you’re  already  this  close  to  IP  Telephony. 


Because  Avaya,  the  leader  in  voice  solutions,  has  opened  up  the  world  of  IP  Telephony  to  any 
business.  In  fact,  our  feature-rich  MultiVantage™  software  works  in  an  open  architecture.  This  allows  you 
.i  to  utilize  your  existing  investment  in  both  Telephony  and  LAN  switches,  while  extending  Enterprise 
;  Class  IP  Solutions  to  anywhere  in  your  network.  So  you  get  the  flexibility  to  deploy  new  capabilities 

jf/ 

exactly  where  they're  needed  —  while  leveraging  your  current  network  and  applications  investments. 
*'•  To  begin  assessing  your  network,  contact  us  at  866-GO-AVAYA.  Or  learn  more  at  avaya.com/yes 
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Ifc  InfiniBand  has  been  caught  in  this  no  man's  land . . . 
the  IT  community  has  been  totally  gun-shy  about  looking 
at  any  new  technologies.  1 1 


InfiniBand 

continued  from  page  1 

Their  interest  in  the  high-speed  intercon¬ 
nect  is  to  provide  faster  connections  be¬ 
tween  servers,  storage  and  network 
devices.  InfiniBand  has  been  hailed  as  the 
fix  for  server  I/O  processing  bottlenecks 
because  it  operates  at  speeds  ranging  from 
2.5G  to  30G  bit/sec,  much  faster  than  cur¬ 
rent  bus  technologies  that  support  speeds 
up  to  1G  bit/sec. 

Users  say  the  announcement  by  Hitachi 
and  Voltaire  is  most  significant,  because  it 
signals  that  a  large  vendor  finally  is  sup¬ 
porting  InfiniBand  in  a  concrete  way,  as 
opposed  to  just  a  handful  of  start-up  com¬ 
panies  developing  the  technology 

“It’s  the  right  move  on  Hitachi’s  part  —  it’s 
good  for  them,  it’s  also  good  for  the  indus¬ 
try  because  finally  a  storage  vendor  is  step¬ 
ping  up  to  the  plate,”  says  John  Blackman, 
systems  architect  for  Emerging  Tech¬ 
nologies  &  Consulting  at  Wells  Fargo  Bank 
in  Minneapolis. 

However,  analysts  say  that  more  large  sys¬ 
tems  vendors  need  to  endorse  the  high¬ 


speed  bus  and  do  it  soon. 

“Large  vendors  like  IBM,  Dell  and  Sun 
have  to  come  out  and  say  they  are  really 
going  to  deploy  InfiniBand  in  their  prod¬ 
ucts  for  the  market  to  be  real,”  says  Jamie 
Gruener,  a  senior  analyst  with  The  Yankee 
Group.’The  next  three  to  six  months  will  be 
really  crucial.  Either  InfiniBand  will  not 
take  off  because  no  one  provides  products 
at  the  large-vendor  level,  or  it  will  take  off 
and  force  other  vendors  to  the  table.” 

Recently  Hewlett-Packard,  Intel  and 
Microsoft  softened  on  their  plans  to  imple¬ 
ment  InfiniBand  hardware  and  software, 
causing  user  and  vendor  concern  that  their 
actions  would  result  in  a  stampede  away 
from  the  nascent  technology 


Correction 


IB  The  story  “’New'  HP  posts  mixed 
results"  (Sept.  2,  page  10)  should  have 
stated  the  managing  director  for  brokerage 
firm  SG  Cowen  as  Richard  Chu. 


Arun  Teneja 

Analyst,  Enterprise  Storage  Group 

While  analysts  project  that  InfiniBand 
first  will  be  deployed  in  blade  servers  and 
as  a  link  between  processors  in  servers  and 
storage,  users  are  just  now  starting  to  think 
about  the  technology 

“Over  the  last  quarter  of  this  year  we  will 
be  evaluating  the  requirements  we  need  to 
move  forward,  the  equipment  we  want  to 
bring  in  and  where  we  want  to  start,” 
Blackman  says.  “Going  into  next  year  we 
will  do  all  our  technical  assessments, 
proofs  of  concepts  and  pilots,  so  that  in 
2004,  we’ll  be  ready  for  production,  provid¬ 
ed  the  industry  is  ready  as  well.” 

Blackman  intends  to  use  InfiniBand  in 
his  data  center  initially  to  cluster  servers. 


A  rough  development  cycle 

InfiniBand  has  had  a  rocky  development 
cycle  beginning  in  1998,  with  few  users 
implementing  or  even  understanding  the 
technology  Like  other  cutting-edge  tech¬ 
nologies,  such  as  server  blades  and  iSCSI, 
InfiniBand  has  suffered  from  economic 
conditions  that  are  prompting  users  to 
make  conservative  decisions  in  favor  of 
more  established  technologies. 

“The  timing  couldn’t  be  any  worse,”  says 
Arun  Taneja,  an  analyst  for  Enterprise 
Storage  Group.  “InfiniBand  has  been 
caught  in  this  no  man’s  land  in  the  sense 
that  the  economy  has  been  really  bad,  and 
with  9/1 1  happening,  the  IT  community  has 
been  totally  gun-shy  about  looking  at  any 
new  technologies.” 

InfiniBand  vendors  acknowledge  that 
they  have  been  surprised  by  how  long  their 
technology  has  taken  to  develop. 

“We  were  a  bit  aggressive  about  how 
quickly  InfiniBand  would  be  adopted,” says 
Bob  Fabbio,  CEO  of  Vieo,  an  InfiniBand 
management  company 

Gruener  of  The  Yankee  Group  forecasts 
that  InfiniBand  used  with  servers  and  stor¬ 


age  will  increase  from  $32  million  in  2002 
to  more  than  $1.53  billion  in  2006. 

Despite  the  initial  sluggishness, there  still 
appears  to  be  significant  vendor  interest 
in  the  technology.  Auspex,  a  network- 
attached  storage  vendor,  has  announced 
that  it  is  using  InfiniBand  to  tie  together 
the  processors  in  its  NAS  appliances;  Net¬ 
work  Appliance  is  rumored  to  be  interest¬ 
ed  in  the  technology;  and  IBM  has  said 
that  it  would  implement  InfiniBand  across 
its  server  lines. 

Analysts  also  say  the  delay  in  InfiniBand 
deployment  has  hurt  vendors  that  lack  suf¬ 
ficient  funding  to  carry  them  over  the 
drought. 

Banderacom  is  InfiniBand’s  latest  victim. 
Just  last  month,  the  silicon  adapter  and 
switch  company  laid  off  two-thirds  of  its 
employees,  CEO  Les  Crudele  left  the  com¬ 
pany,  and  sources  say  the  company  is  look¬ 
ing  to  expand  its  product  offerings  into 
other  areas. 

Even  Intel,  Qlogic  and  Microsoft  decided 
that  InfiniBand  didn’t  fit  within  their  imme¬ 
diate  goals.  Intel  abandoned  development 
of  its  lx  (2.5G  bit/sec)  silicon.  Qlogic 
announced  last  week  that  it  would  focus 
on  iSCSI  and  Fibre  Channel  instead  of 
InfiniBand;  and  Microsoft  was  writing  an 
InfiniBand  driver  for  Windows  2000  and 
.Net  server  but  decided  instead  to  focus  on 
Gigabit  Ethernet  and  let  third-party  ven¬ 
dors  do  the  work. 

Despite  that,  in  the  next  month,  observers 
expect  system  vendors  such  as  HRIBM  and 
Sun  to  make  announcements  either  about 
servers  that  will  be  InfiniBand-enabled, 
faster  4x  silicon  or  statements  of  their  ded¬ 
ication  to  the  technology  IBM  is  expected 
to  announce  general  availability  of  its  4x 
(10G  bit/sec)  silicon,  code-named  Torrent, 
as  soon  as  next  Monday 

In  addition,  a  number  of  start-ups  are 
expected  to  make  their  moves  soon. 
DivergeNet  is  working  on  switches  and 
host  adapters  to  fit  in  host  computers; 
InfiniFast  is  developing  four-  and  eight- 
port  switches;  Topspin,  a  hardware  and 
software  start-up, is  virtualizing  InfiniBand, 
Gigabit  Ethernet  and  Fibre  Channel  into 
the  same  pool  for  data  center  use.  Like 
DivergeNet,  SBS  Technologies  will  make 
host  adapters  and  switches;  and  CSS  Labs 
is  developing  InfiniBand  blades,  switches, 
bridges  and  host  adapters  to  go  in  servers. 

In  a  related  announcement,  the  Infini¬ 
Band  Trade  Association  and  Intel  will 
launch  the  InfiniBand  Evaluation  pro¬ 
gram  this  week  at  the  Intel  Developer 
Forum  to  help  customers  evaluate  and 

d  e  p  1  o  v  get  more  information  online. 
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Road  ahead  for  InfiniBand 

InfiniBand  revenues  are  projected  to  increase  through 
2006,  after  a  slow  2002. 
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Spam 

continued  from  page  1 

by  corporate  systems. 

Network  executives  and  ven¬ 
dors  admit  that  keyword  search¬ 
ing  just  won’t  cut  it,  and  that  a 
combination  of  filtering  tech¬ 
niques  and  more  sophisticated 
filtering  methods  such  as  those 
that  examine  context  must 
be  used. 

“There  were  good  intentions 
with  the  design  of  content  and 
spam  filtering”  says  Dave  Bailey 


Brian  Youngerman 

Publisher,  Sports  Bar  Interactive 

e-commerce  and  messaging 
architect  for  Imerys,  a  global 
mineral  processing  company  in 
Atlanta.  Bailey  says  the  percent¬ 
age  of  spam  as  part  of  his  total 
e-mail  volume  has  hit  30%. 

He  says  spam  filtering  is  an 
absolute  necessity,  but  the  Syman¬ 
tec  filtering  software  he  uses  has 
taken  some  getting  used  to. 

“We  have  found  that  these  sys¬ 
tems  take  some  care  and  feeding, 
and  that  periodically  you  must 
check  your  log  files  to  see  what 
you  are  trapping,”  Bailey  says.“We 
try  to  communicate  to  our  busi¬ 
ness  users  that  we  are  going  to 
tune  our  spam  filter,  that  they  may 
lose  some  legitimate  e-mail,  and 
that  we  have  procedures  in  place 
to  handle  that.” 

The  company  began  filtering 
image  files,  in  which  spammers 


can  display  their  text  messages 
and  avoid  filters,  but  Bailey  says 
company  engineers  who  need¬ 
ed  to  exchange  images  began 
complaining  about  mail  being 
blocked  and  the  system  had  to 
be  adjusted.  He  says  the  com¬ 
pany  now  quarantines  blocked 
mail  so  users  can  inspect  it  if 
they  wish. 

Gail  Coury,  CIO  for  software 
developer  J.D.  Edwards,  says  she 
ran  her  filtering  software  in  mon¬ 
itoring  mode  for  a  month  to 
gauge  its  effectiveness  before  it 


went  live. 

“We  learned  that  we  needed  to 
relax,”  Coury  says.  “We  had  to 
relax  the  keyword  search;  that 
was  one  issue.” 

The  company  filtered  out  a 
crude  three-letter  word  often 
found  in  pornographic  spam  only 
to  discover  that  it  was  also  an 
acronym  used  commonly  by 
their  developers.  Coury  says  she 
logged  96  calls  in  the  first  30  days 
of  filtering  from  users  who  want¬ 
ed  to  know  why  their  mail  was 
blocked. She  says  40%  of  that  mail 
was  legitimate  business  mail. 

“As  long  as  spam  is  sent,  we 
have  to  put  some  sort  of  controls 
in  place,  but  it  does  create  an 
uncertainty  in  message  delivery/’ 
says  Coury,  who  adds  that  users 
are  pleased  overall  with  the  filter¬ 
ing  because  it  eliminates  the 


most  offensive  spam. 

Uncertainty  seems  to  be  a  con¬ 
sequence  of  filtering  and  is  being 
felt  by  more  users. 

A  recent  survey  by  Osterman 
Research  showed  that  only  25% 
of  users  were  “very  satisfied" 
with  their  spam  filter’s  ability 
not  to  generate  false  positives. 
Another  35%  said  they  were 
somewhat  satisfied.  Twenty-four 
percent  were  neutral  on  the 
issue,  and  16%  expressed  a  de¬ 
gree  of  dissatisfaction. 

“The  whole  issue  of  blocking 
spam  is  a  very  difficult  one  right 
now,”  says  Michael  Osterman, 
president  of  Osterman  Research. 
“This  is  still  a  real  tricky  area,  and 
people  are  just  getting  their  feet 
wet  with  filtering.  It’s  experiment¬ 
ing  with  the  tools  to  find  the  right 
balance  for  false  positives.” 

He  says  what  will  drive  adminis¬ 
trators  to  take  a  more  conserva¬ 
tive  approach  is  when  the  CEO 
sends  a  message  that  no  one 
receives.  “The  bottom  line  is  that 
people  would  rather  get  spam 
than  not  get  e-mail.” 

Osterman  says  if  companies 
can  block  somewhere  in  the 
neighborhood  of  85%  of  the 
spam  they  get,  they  can  be  fairly 
certain  that  their  false  positives 
will  be  very  low. 

But  he  says  the  filtering  issue  is 
raising  questions  over  trust  in 
e-mail  delivery,  because  spam¬ 
mers  have  taken  such  advantage 
of  the  infrastructure. 

Filtering  out  newsletters 

No  one  knows  that  better  than 
those  that  publish  newsletters  or 
send  out  large  volumes  of  e-mail 
that  users  choose  to  receive. 

“I  hope  these  filters  are  a  stop¬ 
gap  measure  and  better  solutions 
are  on  the  way  because  if  they  are 
as  arbitrary  as  they  are  today 
[then]  they  will  cause  more  prob¬ 
lems  than  they  solve,”  says  Geoff 
Duncan,  publisher  of  TidBITS,  an 
opt-in  e-mail  newsletter  for  Mac¬ 
intosh  enthusiasts. 

Duncan  says  he  has  seen  as 
much  as  20%  of  his  e-mail  distrib¬ 
ution  of  45,000  newsletters  get 
blocked.  The  offending  words  or 
phrases  that  have  triggered  filters 
included  “Viagra”  and  “my  pic¬ 
tures.”  He  tried  self-censoring  but 
has  since  stopped  because  he 
said  it  was  a  losing  battle. 

“Private  companies  block 
email,  but  for  senders  it  can  be  a 
real  problem,”  Duncan  says. 

“You  never  really  know  what  fil¬ 
ters  are  doing  or  not  doing,”  says 
Brian  Youngerman,  who  pub¬ 
lishes  an  opt-in  sports  newsletter 
called  Sports  Bar  Interactive. 


Fighting  spam 

Network  executives  should  follow  a  few  general  deployment 
guidelines  to  reduce  the  amount  of  legitimate  e-mail  that 
spam  filters  might  block. 

•  Run  the  software  in  a  monitoring  mode  first  to  help  you  gauge 
what  is  being  blocked  before  going  live  with  end  users. 

•  Start  off  with  a  conservative  attitude  toward  blocking,  which 
will  let  a  lot  of  spam  escape  the  filter  but  nearly  eliminate  false 
positives,  and  work  your  way  up  to  an  acceptable  balance. 

•  Use  a  combination  of  filtering  techniques  such  as  keywords, 
domain  and  IP  blocking,  blacklists,  whitelists  or  collection 
accounts.  Look  for  software  with  more  sophisticated  filtering 
methods  such  as  heuristics. 

•  Quarantine  blocked  mail  and  give  users  the  option  to  see  their 
mail  that  has  been  filtered  before  it  is  deleted. 


fcfc  I  hate  spam  as  much  as  anyone,  but  if 
you  can't  guarantee  the  delivery  of  e-mail  or 
get  the  e-mail  you  are  expecting  that's  not 
the  Internet. 9 9 


Antispam  survey 

A  recent  Osterman  Research  survey  shows  that  spam  is 
the  No.  1  concern  when  managing  corporate  e-mail  systems. 


What  is  the  biggest  problem  you 
face  in  managing  e-mail  in  your 
organization? 

Spam/spammers 


32.1% 


Which  of  the  following  best 
describes  the  ideal  anti¬ 
spam  capability  you  would 
ultimately  like  to  implement 
for  your  organization? 


Mailbox  size/mail  quotas 


14.7% 


Disk  space/storage  issues 


11.9% 


E-mail/records  retention/archiving  issues 


9.2% 


Viruses 


6.4% 


Employee  mistakes/not  maintaining  mailboxes 


5.5% 


Content  concerns 


Employee  abuse  of  e-mail 

urn 

Attachment  issues 

EsSEI 

Volume/increasing  volume  of  e-mail 

!S5J 


Combination  of  in-house  server/ 
gateway  and  desktop 

36.8%  -i 


Outsourced 

system 

10.3% 

Other 

1.5% 


Desktop-based 
system  only 

-  4.4% 


In-house  server/gateway-based 
system  only 

- 47.1% 


“1  hate  spam  as  much  as  anyone 
but  if  you  can’t  guarantee  the 
delivery  of  e-mail  or  get  the  e-mail 
you  are  expecting,  that’s  not  the 
Internet.  That’s  like  Prodigy  was 
years  ago,  a  closed  system.” 

Youngerman  says  this  is  the  first 
time  that  users  have  to  face  the 
fact  that  their  legitimate  e-mail 
may  not  be  delivered. 

Vendors  of  spam  filters  are 
working  to  ensure  that  Younger¬ 
man  s  statement  isn’t  fact  for  long. 

Companies  such  as  Brightmail, 
Pbstini,  Cloudmark  and  Message- 
Labs  tout  the  accuracy  of  their 
products  and  have  devised  vari¬ 
ous  methods,  such  as  dummy  ac¬ 
counts  to  create  lists  of  spam  or 
tapping  end  users  to  create  lists  of 
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■  THIS  WEEK’S  QUESTION: 

What’s  the  name  of  the 
new  film  by  horror  movie 
directorWilliam  Malone 
about  a  Web  site  linked 
to  several  murders? 
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known  spam,  to  combat  the  inac¬ 
curacies  cropping  up  with  key¬ 
word  and  content  filtering. 

“Accuracy  is  critical  for  us,”  says 
Enrique  Salem,  CEO  of  Bright¬ 
mail,  which  provides  server-side 
spam  filters.  “But  if  the  recipient 
has  a  bad  spam  filter  you  never 
know  what  is  going  to  be 
stopped." 

Salem  says  Brightmail,  which 
some  estimate  has  nearly  50%  of 
the  antispam  market,  blocked  845 
million  spam  messages  in  July 
and  that  the  percentage  of  spam 
as  a  total  of  all  e-mail  sent  has 
risen  from  8%  in  September 
2001  to  35%  in  July 

“Content  filtering  is  not  the 
answer.  It  has  to  be  used  in  con¬ 
junction  with  other  tools,”  says 
Pavni  Diwanji,  co-founder  of 
Mail  Frontier,  which  released  its 
first  product  last  month  — 
client-side  software  for  Microsoft 
Outlook.That  product  will  be  fol¬ 
lowed  this  month  by  server-side 
software  that  can  work  in  tan¬ 
dem  with  it  to  provide  various 
levels  of  filters  and  techniques 
to  trap  spam. 

“E-mail  is  an  open  system  and 
instant  messaging  is  a  closed  sys¬ 
tem  where  you  establish  who 
you  want  to  talk  to  —  the  future 
of  e-mail  is  somewhere  in  be¬ 
tween,”  Diwanji  says.  “Spam 
could  ruin  e-mail.  You  may  just 
want  to  turn  it  off  to  the  outside 
world.”  ■ 
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Study:  Bluetooth  security  should  raise  red  flags 


■  BY  JOHN  COX 

Because  much  of  the  Bluetooth  wireless 
security  model  is  optional,  network  execu¬ 


tives  should  start  setting  policies  for  han¬ 
dling  the  short-range  radio  technology, 
according  to  new  Gartner  research. 

A  key  element  of  that  model  is  link-layer 


security  But  Bluetooth-equipped  devices 
available  today  are  not  required  to  have 
this  activated.  The  result:  Corporate  data 
can  pass  over  a  Bluetooth  connection 
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between  a  mobile  phone  and  a  laptop 
unprotected  by  encryption  and  vulnerable 
to  interception. 

Bluetooth  is  a  wireless  specification,  man¬ 
aged  by  the  Bluetooth  Special  Interest 
Group  (SIG),  that  describes  a  1M  bit/sec, 
2.4-GHz  radio  connection  that  reaches 
about  30  feet.  It's  being  used  to  replace 
cable  connections  between  mobile 
phones,  headset,  laptops,  PDAs,  keyboards 
and  fax  machines.  Each  Bluetooth 
equipped  product  supports  one  or  more 
Bluetooth  applications, called  profiles, such 
as  file  sharing,  voice  and  dial-up  network¬ 
ing.  Bluetooth  products  can  carry  a 
Bluetooth  SIG  “classmark"  or  designation 
indicating  which  profiles  are  available. 

The  number  of  products  carrying  Blue¬ 
tooth  radios  is  surging,  says  William 
Clark,  director  for  Gartner’s  mobile  and 
wireless  research.  Already,  nearly  700 
products  are  on  the  market,  from  more 
than  50  vendors  including  Nokia,  Palm 
and  Hewlett-Packard. 


Securing  Bluetooth 

Gartner’s  advice  for  using  the 
wireless  technology: 

•  Be  aware  that  a  growing  number  of 
devices  now  include  Bluetooth. 

•  Key  security  and  management 
features  are  optional. 

•  Require  link-level  security. 

•  Always  use  application-level  security, 
such  as  SSL  orVPNs. 

•  Create  corporate  policies  about 
Bluetooth  risks,  protections  and  usage. 


Gartner  estimates  that  161  million 
Bluetooth-equipped  products  will  ship  in 
2003,  rising  to  362  million  in  2004.  Close  to 
80%  of  these  products  will  be  mobile 
phones,  laptops  and  PDAs.  Employees 
could  use  Bluetooth  to  connect  their  lap¬ 
top  to  a  mobile  phone  or  fax  machine, cre¬ 
ate  a  mini-network  of  PDAs  and  laptops,  or 
automatically  synchronize  information  on 
different  computers  or  handhelds. 

The  Bluetooth  specification  works  well  at 
the  lowest  levels,  Clark  says,  but  many  fea¬ 
tures  affecting  security  and  management 
are  not  required  by  the  standards  group. 
Besides  the  link  layer,  security  settings  for 
each  profile  are  also  optional.  If  these  are 
not  available  or  not  activated  data  is  vul¬ 
nerable  wherever  Bluetooth  is  used  as  a 
connection  medium, Clark  says. 

Clark  has  calculated  that  the  two  facts 
add  up  to  unexpectedly  high  costs  for  com¬ 
panies.  “We  project  that  [Bluetooth]  will 
add  $70  per  user,  per  year,  to  the  total  cost 
of  ownership  for  mobile  computing  de¬ 
vices,"  Clark  says.  Given  that  the  Bluetooth 
SIG  has  announced  a  goal  of  driving 
Bluetooth  chip  costs  to  less  than  $5,  that’s  a 
huge  premium  for  a  big  company  with  lots 
of  Bluetooth  devices.  ■ 


■  Cost-effective  access 
routing  for  branch  office 
connectivity  and 
Internet  access 

■  Recognizable  Command 
Line  Interface  (CLI) 

■  No  retraining  or 
costly  certification 

■  Built-in  stateful 
inspection  firewall 

■  Interoperable  with  other 
standards-based  routers 

■  Optional  PBX  connectivity 

■  Optional  dial 
backup  system 

■  Built-in  DSU/CSU  for 
WAN  termination 

■  Free  24x7  telephone 
technical  support 

■  Optional  extended 
installation  and 
maintenance  program 


This  powerful  new  access  router  from  ADTRAN  is  everything  you 
need  in  a  router,  and  then  some,  at  a  cost  that’s  up  to  55  percent 
less  than  other  brand  name  routers.  This  high-quality,  low-cost 
alternative  features  a  stateful  inspection  firewall,  a  DSU/CSU,  and  a 
familiar  CLI.  Comprehensive  dial  backup  and  PBX  connectivity  are 
available  at  a  minimal  cost.  Interoperable  with  other  standards-based 
routers,  the  NetVanta  3000  series  fits  seamlessly  into  your  existing 
network.  Backed  by  unlimited  telephone  support  and  a  5-year 
warranty,  the  NetVanta  3000  series  is  clearly  the  intelligent  choice. 

New  vendor  to  routing?  No  way!  ADTRAN  has  incorporated  its 
router  technology  into  selected  WAN  connectivity  products  for  the 
past  five  years;  with  more  than  75,000  now  installed  in  networks 
around  the  world.  The  NetVanta  3000  series  is  the  latest  in  a  long 
line  of  market-leading  internetworking  and  connectivity  solutions, 
from  a  company  with  a  17-year  history  of  customer  satisfaction. 


Dare  to  compare  the  new  NetVanta  3000  series! 

www.dare2compare.adtran.com 


877.212.0327  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRAN7 


Copyright  £'2002  ADTRAN  Inc.  All  rights  reserved  ADTRAN  and  NetVanta  are  trademarks  of  ADTRAN,  Inc.  EN42A090202NW 


NETWORLD+INTEROP 
Booth  521 


In  a  world  where  there’s  a  different  kind  of  threat  every  day,  you  need  a  different  kind  of  security. 

New  threats  can  blow  through  any  firewall  or  anti-virus  software.  That's  why  we  deliver  seamless  information  protection 
with  centralized  management  for  networks,  servers  and  desktops.  From  proactive  research  and  award-winning  software  to 
24/7  protection  and  response  services,  our  solutions  detect,  prevent  and  respond  to  attacks  and  misuse.  And  it's  all  backed  by 
the  X-ForceT  our  global  protection  services  organization.  Want  to  see  more?  Call  800-776-2362.  Or  visit  www.iss.net/nww. 
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Integrity  in  testing 

Welcome  to  the  premiere  issue  of  Tolly  Benchmarks!  We  conceived  this 
supplement  with  the  intent  to  inform  network  managers  like  you  about 
some  of  the  more  innovative  products  that  pass  through  our  state-of-the-art 
testing  facilities.  Those  of  you  who  know  The  Tolly  Group  recognize  we  operate 
with  a  high  level  of  integrity.  For  you  newcomers,  we  take  our  testing  and  our 
objectivity  seriously. 

Our  Fair  Testing  Charter  is  an  industry  first  for  testing  organizations  and  has 
been  in  effect  since  1998.  Our  aim  is  to  create  objective  tests  that  are  based  on 
sound  testing  methodologies;  our  full  Test  Summary  reports  disclose  ample 
details  so  that  anyone  can  reproduce  the  results  should  they  so  desire.  (You  can 
check  out  our  Fair  Testing  Charter  or  our  Test  Summaries  at  www.tolly.com.) 

Our  hope  is  that  the  testing  articles  in  this  supplement  whet  your  appetite  for 
more  detailed  information  concerning  the  tests  we  run  on  products  covered  in 
these  pages.  While  we  cannot  possibly  cram  all  the  details  of  a  test  project  into 
these  pages  we  can,  and  do,  provide  you  with  references  back  to  full  test  reports. 
Our  Test  Summaries  also  provide  readers  with  extra  info,  such  as  configuration 
files  and  data  files  used  in  tests. 

We  want  this  publication  to  be  useful  for  your  day-to-day  decisions  regarding 
products.  More  importantly,  we  want  you  to  drive  the  content  for  these  pages. 
Tell  us  what  vendors  you  want  to  see  covered  here  and  what  products  or 
technologies  are  strategic  to  your  organization.  I  commit  to  you  that  we'll  do 
our  part  to  convey  that  info  to  vendors  and  show  them  that  users,  like  you,  want 
their  products  covered  by  the  industry's  leading  independent  testing  voice. 

Drop  me  an  E-mail  at  cbruno@tolly.com  and  let  me  know  what  you  think  about 
Tolly  Benchmarks,  and  what  you'd  like  to  see  in  future  supplements.  We're  here 
to  serve  you.  Let's  work  together. 

Charles  Bruno 
Executive  editor 
The  Tolly  Group 
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Nortel  boosts  switch  reliability 

Tests  reveal  that  Nortel's  Passport  8600 
Routing  Switch  recovers  from  device, 
link  and  network  failures  in  less  than 
one  second . 2 


HP  switch  beats  close  rival 

Procurve  4108GL  blows  past  competitor 
in  Fast  Ethernet/Gigabit  Ethernet 
throughput  benchmark . 3 


TCO  study  eyes  VoIP  costs 

Shoreline  Communications  puts  its 
DIVA  VoIP  architecture  up  against 
alternative  plan  in  five-year  VoIP 
cost  analysis . 4 


Foundry  passes  Interop  tests 

Foundry  Networks  demonstrated  its 
Fastlron  400's  wide  support  for 
interoperability  in  Layer  2/Layer  3 
tests  against  13  other  switches . 5 


Dell  switch  excels  at  QoS 

Dell's  PowerConnect  3248  blends 
wire-speed,  zero-loss  throughput 
with  advanced  QoS . 6 


Siemens  tackles  convergence 

Tests  show  that  Siemens’  Skyport 
facility  offers  a  blueprint  for  delivering 
high-quality  voice  and  QoS  for 
business-critical  apps . 7 


ABOUT  TOLLY  BENCHMARKS 

Tolly  Benchmarks  is  a  regular  advertising  supplement  that  highlights  innovative  and  compelling  technology  research  conducted 
by  The  Tolly  Group,  the  industry's  leading  independent  testing  and  strategic  consulting  organization  based  in  Manasquan,  N.J. 
Tolly  Benchmarks  is  designed  to  inform  networking  IT  readers  about  emerging-class  products  and  services  that  play  a  pivotal 
role  in  the  daily  operation  of  enterprise  networks. 

The  Tolly  Group  is  recognized  worldwide  for  its  expertise  in  assessing  leading-edge  technologies. 

All  research  that  is  the  basis  for  Tolly  Benchmarks  has  been  underwritten  by  sponsoring  vendors. 

However,  Tolly  Group  test  methodologies  conform  to  the  company's  Fair  Testing  Charter  to 
ensure  fairness,  consistency  and  objectivity  in  tests.  For  more  information  on  any  of  the  products 
or  technologies  covered  here,  visit  The  Tolly  Group's  Web  site  at  http://www.tolly.com,  send 
E-mail  inquiries  to  info@tolly.com,  call  (732)  528-3300  or  fax  (732)  528-1888. 
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Nortel  sets  high  standard  for 
network  availability  with  Passport  8600 


Project  Profile 


Product  name: 

Nortel  Networks  Passport  8600 

Version  Tested: 

REL3.2.2.0_B030 

Product  Class: 

Backbone  switch  with 
carrier-class  reliability 

Testing  Date: 

April  through  May  2002 

Document  Number: 

202123 

For  the  complete  Test  Summary,  visit: 

http://www.  tolly.  com/TollyBenchmarks 


Nortel  Networks  Passport  8600 

Recent  tests  of  Nortel  Networks'  flagship  core  backbone  switch  demonstrate  the 
capability  to  detect  and  recover  from  a  variety  of  device,  link  and  network  failures 
in  less  than  one  second,  ensuring  that  critical  business  applications  continue 
unabated  even  during  a  hiccup  in  network  availability. 

The  tests  of  Nortel’s  Passport  8600  Routing  Switch  prove  that  the  device  delivers 
carrier-class  reliability  to  enterprise-level  IP  networks  that  support  latency- 
sensitive  applications  such  as  voice  and  video  alongside  other  business-critical 
data  types  on  IP  backbones.  Moreover,  the  Passport  8600's  capabilities 
ensure  that  service  upgrades  should  have  zero  impact  on  network  services 
and  applications. 

Nortel  commissioned  The  Tolly  Group  to  investigate  the  availability  and  reliability 
capabilities  of  the  Passport  8600's  Split  Multi-link  Trunking  (Split  MLT)  and 
determine  the  impact  that  the  switch's  high-availability  capabilities  have  on 
network  reconvergence  and  on  survivability  of  key  switch  components.  Testing 
was  conducted  from  April  through  May  2002. 

Split  MLT  is  a  Nortel  Networks  capability  that  allows  switches  to  be  dual-homed 
to  two  Passport  8600s  using  standards-based  IEEE  802. 3ad  link  aggregation 
and  eliminating  the  need  for  complicated  Spanning  Tree  designs.  By 
dual-homing  with  802. 3ad,  users  can  improve  network  performance,  resiliency 
and  network  redundancy. 


"Tests  show  that  Nortel's 
Split  Multi-link  Trunking  on  the 
Passport  8600  demonstrates 
sub-second  recovery  on  a  link 
failure,  preserving  session 
state  for  critical  services  such 
as  voice  and  video." 

Jim  Quinn 
VP,  Technology 
The  Tolly  Group 


Tolly  Group  engineers  tested  the  high  availability  and  reliability  capabilities  of 
Split  MLT  on  the  Passport  8600s  by  subjecting  a  pair  of  Passport  8600s  to  a 
variety  of  network  and  system  outages.  These  included:  loss  of  the  Split  MLT 
trunk,  loss  of  the  Inter-Switch  Trunk  link,  loss  of  an  aggregation  switch,  loss  of  a 
master  switch  fabric,  loss  of  a  Fast  Ethernet/Gigabit  Ethernet  module  and  loss  of 
a  power  supply,  among  other  scenarios.  In  every  failure  scenario,  the  affected 
Passport  8600  reconverged  network  links  in  under  one  second.  This  is  much 
faster  than  the  network  reconvergence  of  the  Spanning  Tree  protocol,  which  is 
known  to  consume  upwards  of  30  seconds  or  more  to  rebuild  network 
connections  during  a  link  outage. 

In  tests,  Tolly  Group  engineers  ran  streaming  video  and  VoIP  traffic  over  the 
Split-MLT  connections  during  a  loss  of  switch  system  resources.  The  fail  over  was 
so  fast  at  the  sub-second  rate  that  there  was  no  loss  of  VoIP  and  video  sessions, 

showing  that  application  sessions  can  be 
maintained  even  during  link  failure. 


Average  Sub-Second  Recovery  Times  for  Passport  8600 

(Failure  types  denoted) 


0.74  Priority 
Hybrid  Stack  Link 


Stacked  BPS 
VLAN  64/80 


0.0  Backup 
Stacked  Link 


0.38  Fast/ 
Gigabit  Module 
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Passport  8600  A 

0.0  Master 
CPU  Outage 


IST-MLT1 
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Passport  8600  B 

0.91  Link  Failure 
0.53  Loss  of  Inter-Switch  Trunk 


0.0  Passport  8600 
Backup  Failure 

0.0  Power 
Supply  Outage 


On  the  high  availability  side,  engineers  failed 
the  Passport  8600's  primary  switch  fabric  and 
CPU.  Loss  of  the  switch  fabric  resulted  in  380 
to  525  milliseconds  of  non-forwarding  activity, 
while  the  loss  of  a  redundant  CPU  resulted  in 
zero  downtime. 

Engineers  also  performed  a  "hitless"  upgrade, 
meaning  they  could  upgrade  a  Passport  8600 
software  without  the  need  to  take  it  down  for 
maintenance.  Also,  engineers  observed  that 
modules  in  the  Passport  8600  could  be  "hot 
swapped”  without  bringing  down  the  system. 
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HP  Procurve  switch  beats  top  rival 
in  Fast  Ethernet/GbE  throughput  tests 


Test  Highlights 

O  Delivers  100%  of  theoretical  maximum  throughput  for  all  frame  sizes  in  intra-module  tests  across  48  Gigabit 
Ethernet  port  pairs,  as  well  as  192  Fast  Ethernet  port  pairs 

O  Surpasses  the  performance  of  Cisco's  Catalyst  4006  delivering  up  to  85%  greater  zero-loss  throughput  in 
various  frame  tests 

O  Delivers  twice  the  forwarding  performance  as  the  Catalyst  4006  in  a  mixed  topology  network  when  handling 
512-byte  and  1,518-byte  frames 


Hewlett-Packard 
Procurve  Switch  4108GL 

Hewlett-Packard  Co.'s  Procurve  Switch  4108GL  far  outpaced  a  Cisco 
Catalyst  4006  in  competitive  Layer  2  Fast  Ethernet/Gigabit  Ethernet 
forwarding  performance  tests. 

Customers  who  intend  to  deploy  Layer  2  switches  can  do  so  with  the 
confidence  that  the  Procurve  Switch  4108GL  delivers  zero  frame-loss 
when  handling  line-rate  bidirectional  traffic.  In  addition,  tests  validate  that 
the  switch  performs  well  in  a  mixed  network  topology  and  in  a  variety  of 
port  configurations. 

HP  commissioned  The  Tolly  Group  to  conduct  the  competitive 
benchmark  assessment  of  the  HP  Switch  4108GL,  a  high-density,  high- 
performance  Layer  2  switch  with  eight  slots  that  accommodates  a  variety 
of  modules.  For  these  tests,  The  Tolly  Group  tested  the  switch  with  copper 
interface  modules.  The  Cisco  Catalyst  4006  offers  six  slots;  for  this  test, 
engineers  outfitted  the  device  with  copper  interface  modules. 

In  zero-loss  Gigabit  Ethernet  bidirectional  throughput  tests,  the  HP  Switch 
4108GL  delivered  100%  of  the  theoretical  maximum  throughput  at  all 
frame  sizes  tested  (64,  512,  and  1,518  bytes)  in  a  48-port  intra-module 
port-pairing  scheme.  By  comparison,  the  Catalyst  4006  delivered  20%  of 
the  theoretical  maximum  throughput  at  512-  and  1,518-byte  frames  and 
15%  at  64-byte  frames. 

For  performance  tests  in  a  Fast  Ethernet  network  topology,  the  HP  Switch 
4108GL  delivered  100%  of  theoretical  maximum  throughput  at  all  tested 
frame  sizes  in  multiple  port-pairing  scenarios.  By  comparison,  the  Catalyst 
4006  delivered  95%  of  the  theoretical  maximum  at  64-byte  frames. 

For  performance  tests  in  a  mixed  Fast  Ethernet/Gigabit  Ethernet  topology, 
the  HP  Switch  4108GL  delivered  40%  of  the  theoretical  maximum  zero-loss 
throughput  when  forwarding  512-  and  1,518-byte  frames  and  35%  of  the 
theoretical  maximum  throughput  when  forwarding  64-byte  frames.  By 
comparison,  the  Catalyst  4006  only  delivered  20%  of  the  theoretical 
maximum  when  forwarding  512-  and  1,518-byte  frames  and  15%  at 
64-byte  frames. 

Beyond  performance,  the  HP  Switch  4108GL  surpassed  the  Catalyst  4006 
in  cost-of-ownership  comparisons,  too.  In  tests  of  mixed  Fast  Ethernet  and 
Gigabit  Ethernet  ports,  the  HP  Switch  4108GL  posted  a  total  cost  per 
gigabit  of  throughput  of  $1 ,416  -  more  than  6-1/2  times  less  costly  than 
the  Catalyst  4006  cost-per-gigabit  of  $9,260. 


Project  Profile 


Product  name: 

HP  Procurve  Switch  4108GL 

•  Procurve  Switch  1 0/1 00-T 
GL  Module  (HP  J4862A) 

•  Procurve  Switch  100/1000-T 
GL  Module  (HP  J4863A) 

Version  Tested: 

G.03.10 

Product  Class: 

Layer  2  Fast  Ethernet/ 

Gigabit  Ethernet  switch 

Testing  Date: 

August  through  November  2001 

Document  Number: 

201138 


For  the  complete  Test  Summary,  visit: 

http://www.  tolly.  com/T ollyBenchmarks 
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TCO  study  aims  to  compare 
five-year  costs  for  Shoreline, 
Cisco  VoIP  deployments 


Test  Highlights 

O  TCO  analysis  to  compare  Shoreline3  and  Cisco  AWID  costs  over  a  five-year  period 
O  Analysis  covers  a  medium-sized  enterprise  of  up  to  1 ,000  users 
O  Report  measures  voice  call-quality  levels  delivered  by  each  architecture 


Shorellne3  Distributed  IP  Voice  Architecture 

The  Tolly  Group  plans  to  release  later  this  month  a  comprehensive  analysis  that  compares  the  five-year  total  cost-of-owner- 
ship  (TCO)  for  a  mid-sized  enterprise  deployment  of  voice  over  IP  utilizing  alternative  approaches  from  Cisco  Systems  Inc. 
and  Shoreline  Communications. 


Shoreline  Communications  commissioned  The  Tolly  Group  to  conduct  a  TCO  assessment  of  its  Shoreline3  Distributed  IP 
Voice  Architecture  versus  Cisco's  AVVID  in  an  enterprise  network.  The  enterprise  was  defined  as  a  500-  to  1,000-employee 
coast-to-coast  domestic  company,  with  the  majority  of  the  employees  within  the  headquarters  site.  The  enterprise 
configuration  supports  several  regional  offices  with  populations  between  30  and  50  employees  and  for  some  small  branch 
offices  with  five  to  10  employees.  Our  research  is  also  based  on  the  assumption  that  there  is  a  typical  enterprise  data 
network  already  in  place. 

Planning  for  the  deployment  included  the  development  of  a  full  network  model,  the  collection  of  the  capital  costs  of  the 
equipment  by  creating  an  RFP  and  then  getting  quotes  from  authorized  distributors.  The  network  model  was  built  using 
OPNET  Technologies  Inc.'s  IT  Guru  software  to  analyze  the  impact  of  additional  network  traffic  (with  propagation  delays) 
based  on  the  national  deployment,  and  to  predict  performance  under  various  usage  patterns.  The  capital  costs  and  their 
associated  maintenance  costs  were  computed  for  the  two  boundary  points  of  500  and  1 ,000  employees. 

For  the  calculation  of  the  other  costs  (installation  or  ongoing  customer  system  operations),  selected  tasks  were  identified 
and  then  a  Tolly  Group  engineer  performed  that  task  to  collect  representative  timings.  These  timings  and  the  frequency  of 
the  event  then  were  converted  into  costs  by  using  the  appropriate  labor  rate.  All  of  these  costs  were  then  added  together  to 
determine  over  a  five-year  lifecycle  what  would  be  the  cost  of  ownership.  The  inherent  benefits  of  VoIP  such  as  tariff 
avoidance,  superior  call  management,  etc  were  factored  in  as  part  of  the  critical  tasks,  but  their  opportunity  savings  were 
not  considered  as  part  of  this  model. 


Since  the  purpose  of  a  VoIP  network  is  to  provide  for  high-quality  voice  traffic  as  well  as  support  for  important  user  features, 
The  Tolly  Group  also  conducted  a  comparison  of  the  voice  quality  for  both  the  Shoreline3  and  the  Cisco  AVVID  solutions, 
using  the  network  characteristics  from  the  national  deployment  model. 


This  report  will  be  available  from  The  Tolly  Group  at  the  end  of 
September.  Contact  The  Tolly  Group  at  (732)  528-3300  if  you  are 
interested  in  receiving  this  report. 


>  Shoreline- 


Project  Profile 


Product  name: 

Shoreline3  Distributed  IP  Voice  Architecture 

Document  Number: 

202500 

For  the  complete  Test  Summary,  visit: 

http://www.  tolly.  com/T ollyBenchmarks 
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Foundry  Fastlron  400  proves 
its  interoperability  mettle 


Partial  Switch  Interoperability  Test  Results 
Foundry  Fastlron  JetCore 


Foundry  Fastlron  400 

Foundry  Networks  Fastlron  400  successfully  passed  a  bat¬ 
tery  of  interoperability  tests  that  show  the  modular  switch 
delivers  a  broad  range  of  interoperable  support  for  Layer  2 
services,  Layer  3  routing  protocols,  as  well  as  emerging  big 
bandwidth  options  that  support  10-Gigabit  Ethernet. 

Foundry's  Fastlron  400  passed  interoperability  tests  with  13 
rival  brand  switches,  including  gear  from  Cisco  Systems, 

Nortel  Networks,  Extreme  Networks  and  others.  The  tests 
were  conducted  in  late  June  2002  by  The  Tolly  Group  as  part 
of  Switch  Interop,  an  annual  demonstration  of  switching 
interoperability. 

The  Fastlron  400's  interoperability  results  demonstrate  that 
the  switch  can  blend  into  a  multivendor  switching  fabric  and 
communicate  with  third-party  switches  across  a  wide  gamut 
of  network  functions. 

The  Tolly  Group  tested  the  Fastlron  400  chassis  (configured 
with  JetCore  modules)  in  five  mandatory  Layer  2  tests:  Auto¬ 
negotiation  of  link  speed  with  third-party  devices,  the  capability  to  tag  and  pass/receive  data  frames  supporting  the  IEEE  802.1p/Q 
specification,  static-mode  support  for  IEEE  802. 3ad  link  aggregation,  the  capability  to  establish  Gigabit  Ethernet  uplinks  with 
third-party  switches,  and  support  for  Accelerated  Convergence  of  Spanning  Tree  to  bring  about  rapid  network  reconvergence 
during  link-state  failures.  In  four  of  the  five  tests,  the  Fastlron  400  interoperated  with  all  of  the  other  switches  tested.  In  the  test  of 
Accelerated  Convergence  for  Spanning  Tree,  the  Fastlron  400  interoperated  with  four  other  switches  that  participated  in  the  test  - 
an  Alcatel  OmniSwitch  700,  Cisco  Catalyst  6500,  and  an  NEC  America  BlueFire  720  and  BlueFire  740. 


Third-Party  Devices 
Tested 

Test  Conducted 

Jumbo  Frames  10-Gig  LAN  PHY 

Allied  Telesyn  AT-9812TF 

N/S, 

Avaya  P882  MultiService  Switch 

% 

Cisco  Catalyst  6500  Series 

0 

Extreme  Alpine  3804 

N/S, 

Extreme  BlackDiamond  6808 

W 

Extreme  Summit48si 

< 

N/S 

NEC  BlueFire  720 

< 

N/S 

NEC  BlueFire  740 

< 

N/S, 

Nortel  Passport  8600 

W 

Key: 


Pass 


N/S  =  Not  Supported 


In  Layer  3  tests,  the  Fastlron  400  successfully  demonstrated  interoperability  with  all  other  switches  tested  in  tests  of  RIP  1  and  RIP  2 
and  OSPF  protocols.  In  tests  of  IP  multicasting  support,  the  Fastlron  400  demonstrated  interoperability  with  all  other  switches  in  tests 
of  the  DVMRP  (Distance  Vector  Multicast  Routing  Protocol).  The  Fastlron  400  also  demonstrated  interoperability  with  eight  other 
switches  in  tests  of  the  PIM  (Protocol  Independent  Multicast)  Sparse  Mode,  and  seven  other  devices 
that  participated  in  tests  of  PIM  Dense  Mode.  Likewise,  the  Foundry  Networks  switch  successfully 
passed  interoperability  tests  of  the  IPX  routing  and  VRRP  virtual  router  redundancy  protocol. 


In  optional  tests,  the  Fastlron  400  proved  interoperability  with  nine  other  participating  switches.  And 
the  Fastlron  400  was  just  one  of  five  switches  that  participated  and  passed  interoperability  tests  of 
a  10-Gigabit  Ethernet  LAN  PHY  interface. 


FOUNDRY 

NETWORKS 


Best  Practices  Recommendations  —  Fastlron  400 

Practice 

Description 

Maximize  efficiency  of  LAN 
services 

Fastlron  JetCore  implements  proven  interoperability  with  wide  diversity  of  multivendor  devices 
encompassing  latest  802.*  standards.  Example:  Support  for  802. Ip  permits  traffic  prioritization  and 
support  for  802. IQ  enables  VLANs  serving  smaller  logical  communities  within  the  physical  net. 

LAN  investment  protection 

All  Fastlron  JetCore  chassis  use  common  modules;  migration  from  10  Mbit/s  to  10  Gbits/s 
achieves  LAN  scalability  and  adds  new  features  with  no  disruption  to  clients,  servers,  or 
other  devices. 

Increase  server  farm 
throughput 

Implement  Jumbo  Frames  on  Gigabit  Ethernet  and  10-Gigabit  Ethernet  uplinks,  thereby  providing 
lower  latency  and  improved  packet  handling  efficiency  for  servers.  Fastlron  400's  proven 
interoperability  for  Jumbo  Frames  on  switches  from  Cisco,  Avaya,  Extreme,  NEC  and  Nortel 
ensures  support  in  multivendor  nets.  Fastlron  400  also  has  successfully  demonstrated  10-GbE 
interface  interoperability  with  devices  from  Cisco,  Avaya,  Extreme  Networks  and  Nortel. 

Cost-effective  connectivity 
between  sites 

Fastlron  JetCore's  support  for  standards-based  IP  routing  protocols  enables  network  managers  to 
migrate  from  costly  private  WAN  facilities  to  public  service  provider  networks.  Here,  Layer  3 
standards-based  IP  protocol  support  is  absolutely  critical  to  participate  in  a  multivendor  WAN 
environment. 

www.tolly.com 
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Dell  PowerConnect  edge  switch 
blends  wire  speed  with  QoS 

Test  Highlights 

O  Manages  traffic  priorities  dynamically  during  port  congestion  based  on  Layer  3  and  Layer  4  information 
O  Delivers  zero-loss,  wire-speed  throughput  across  all  ports  and  packet  sizes 
O  Achieves  an  aggregate  throughput  of  13.6  Gbit/s  for  all  frame  sizes  tested 


Project  Profile 


Product  name: 

Dell  Computer  Corp. 

PowerConnect  3248 

Version  Tested: 

Version  2.0.16 

Product  Class: 

Enterprise-class  edge  switch 

Testing  Date: 

April  2002 

Document  Number: 

For  complete  Test  Summary  details, 
go  to:  http://www.dell.com/switchandsave 
or  call  (800)  551-3355 

For  the  complete  Test  Summary,  visit: 

http://www.  tolly.  com/T illyBenchmarks 
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Dell  Computer  Corp.  PowerConnect  3248 

Zero-loss  throughput  used  to  be  the  defining  selection  factor  for  enterprise- 
class  switches.  Not  any  longer.  The  real  differences  between  switch  brands 
today  emerge  in  the  inherent  intelligence  of  each  product  to  provide  flexibility 
and  manageability  in  how  bandwidth  is  utilized  according  to  available  Quality 
of  Service  facilities. 

Recognizing  the  shift  toward  embedded  switch  intelligence,  Dell  Computer 
Corp.  commissioned  The  Tolly  Group  to  benchmark  the  performance  of  its 
Powerconnect  3248,  validating  not  only  that  the  product  delivers  zero-loss 
wire-speed  throughput,  but  that  it  does  so  while  ensuring  that  network-critical 
traffic  is  prioritized,  even  under  severe  congestion. 

Support  for  QoS  is  a  key  differentiator  for  the  Powerconnect  3248  to  support 
delay-sensitive  traffic,  such  as  real-time  SNMP  network  management  data. 

As  congestion  builds  and  data  types  contend  for  bandwidth,  the  proper 
mechanisms  need  to  be  in  place  to  ensure  that  the  higher-priority  traffic  gets 
the  bandwidth  it  needs,  when  it  needs  it. 

The  PowerConnect  3248  is  an  enterprise  edge  switch  that  was  tested  with 
48  Fast  Ethernet  ports  and  two  Gigabit  Ethernet  ports  (built-in  copper,  optional 
fiber).  Testing  was  performed  in  April  2002. 

Test  results  show  that  the  PowerConnect  3248  delivers  100%  of  the 
theoretical  maximum  throughput  in  Layer  2  tests  of  full-duplex  (bidirectional), 
traffic  streams  of  64-,  512-  and  1,518-byte  frames.  The  PowerConnect  for¬ 
warded  100%  of  the  theoretical  maximum,  which  is  equivalent  to  13.6  Gbit/s 
of  aggregate  throughput,  for  all  frame  sizes  tested.  The  total  packets  per 
second  (pps)  for  all  48  Fast  Ethernet  plus  two  Gigabit  Ethernet  ports  when 
transmitting  100%  load  was  20,238,074  when  handling  64-byte  packets, 
3,195,466  when  handling  512-byte  packets  and  1,105,307  when  forwarding 
1,518-byte  packets. 


Test  results  also  show  that  when  presented  with  a  scenario  of  300%  port 
over-subscription  at  both  Layer  3  and  Layer  4,  the  PowerConnect  3248 
properly  identified  traffic  types  and  prioritized,  or  dropped,  data  frames 
according  to  defined  policy  parameters. 


MU 


Under  severe  port  congestion,  the  PowerConnect  3248  demonstrated  that  its 
Weighted  Round  Robin  (WRR)  queuing  algorithm  ensured  that  Differentiated 
Services  Code  Point  (DSCP)  Layer  3  and  TCP/UDP  socket  Layer  4  prioritized 
traffic  is  passed  effectively  at  its  assigned  priority  level.  The  switch  also 
reallocates  available  bandwidth  to  the  higher-priority  stream,  although  at 
exceptionally  high  over-subscription  scenarios  (in  excess  of  300%  port 
over-subscription),  high-priority  traffic  takes  a  slight  bandwidth  hit,  so  that 
low-priority  streams  are  not  starved  out.  The  PowerConnect  3248  QoS 
algorithm,  however,  can  be  adjusted  to  starve  out  low-priority  traffic  if 
high-priority  traffic  cannot  be  dropped. 
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Siemens  puts  voice/data  convergence 
to  the  test  at  Skyport 

Test  Highlights 

O  Consistent  toll-quality  voice  is  achievable  during  peak  and  off-peak  business  hours 
Q  QoS  significantly  contributes  to  consistent  toll-quality  voice  as  data  traffic  competition  increases 
O  Sound  network  planning  allows  for  extra  bandwidth  to  accommodate  surges  in  application  usage 


Siemens  Skyport 

When  it  comes  to  converging  voice  and  data  onto  a  single  physical  network 
infrastructure,  network  executives  can  benefit  from  a  blueprint  that  maps  out 
exactly  how  to  enable  voice  and  data  traffic  to  coexist  in  harmony  without 
robbing  the  performance  of  either. 

Siemens  built  Skyport,  a  state-of-the-art  convergence  campus  network 
located  in  San  Jose,  Calif.,  to  demonstrate  just  how  to  create  the  delicate 
balance  between  voice  and  data  in  a  converged  IP  infrastructure.  Siemens 
commissioned  The  Tolly  Group  recently  to  measure  several  significant 
attributes  of  Skyport  that  validate  the  network's  capability  to  support  voice 
and  data  fairly. 

Engineers  measured  voice  call  quality,  the  effect  of  Quality  of  Service  (QoS) 
on  call  quality,  and  the  application  data  throughput  rates  and  application 
response  time  of  business-critical  applications  during  peak  usage  hours. 

In  tests  to  measure  the  quality  of  voice  over  IP  (VoIP)  calls,  Tolly  Group 
engineers  examined  the  Skyport  network  by  taking  representative  call  quality 
measurements  across  a  five-hour  span,  from  10  a.m.  to  3  p.m.  during  a 
typical  business  day.  Tolly  Group  engineers  employed  the  Perceptual 
Evaluation  of  Speech  Quality  (PESQ)  metric.  PESQ  is  an  enhanced 
perceptual  quality  measurement  for  voice  quality  developed  for  end-to-end 
voice  quality  testing  under  real  network  conditions.  Scores  range  from  -1  to 
4.5,  with  3.8  or  higher  generally  regarded  as  toll  quality.  In  the  Skyport  tests, 
the  network  delivered  a  consistent  average  PESQ  score  of  3.87,  regardless 
of  the  time  of  day  the  metric  was  recorded.  Mean  opinion  score  (MOS)  tests 
corroborated  the  voice  quality  level,  with  MOS  scores  averaging  4.16  or 
slightly  better  than  the  4.0  regarded  as  the  MOS  standard  for  toll  quality. 

Next,  engineers  tested  the  effect  of  QoS  on  voice  quality.  In  five  different 
test  scenarios  with  QoS  enabled,  voice  call  quality  measured  3.93  on  the 
PESQ  scale  -  well  above  the  3.8  toll-quality  level.  In  fact,  in  two  scenarios 
where  engineers  used  100%  of  data  as  the  network  load  on  top  of  existing 
voice  traffic,  and  then  oversubscribed  that  by  another  20%,  voice  quality 
remained  steady  at  3.93  (PESQ).  However,  in  the  same  test  scenarios  with 
QoS  inactive,  voice  quality  plummeted  to  2.79  and  2.62  (PESQ)  -  showing 
the  importance  of  utilized  QoS  to  deliver  the  necessary  bandwidth  to  voice 
traffic  even  during  peak  loads  of  data  traffic. 

Lastly,  The  Tolly  Group  examined  the  available  data  throughput  rate  on 
Skyport  for  applications  vying  for  bandwidth  against  voice  traffic.  Tests  show 
that  there  is  always  17  Mbit/s  of  bandwidth  headroom  available  on  Skyport, 
when  tested  between  2  p.m  and  4  p.m.  -  the  network's  peak  traffic  load 
period.  This  means  users  of  data  applications  can  be  assured  bandwidth 
is  available  when  they  need  it  and  that  the  network  planners  for  Skyport  had 
a  reserved  capacity  of  20%  on  the  links  used  for  this  test. 


Project  Profile 


Product  name: 

Siemens  Skyport 

Product  Class: 

Voice/data  convergence  network 

Testing  Date: 

May  2002 

Document  Number: 

Contact  info@tolly.com  for  more 
information  on  this  report. 


For  the  complete  Test  Summary,  visit: 

http://www,  tolly.  com/T ollyBenchmarks 
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+1  800.927.2660 
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+33.1.6137.2250 


Asia  Pacific 

+852.2166.8382 
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Assure 


The  “Tested  with  Spirent”  stamp  shows  your 
customers  that  your  products  have  undergone 
the  most  rigorous  and  advanced  testing  in  the 
industry.  It  is  their  quality  assurance  that  your 
products  will  support  the  latest  networking 
technologies  under  the  most  extreme  conditions. 


the  industry’s  leading  test  labs  rely  on  Spirent 
solutions  to  assess  the  performance,  reliability,  and  vulnerability  of  systems 
like  yours.  So  it’s  no  wonder  that  our  test  products  have  become  the  de  facto 
standard  for  network  equipment  developers  worldwide. 

Visit  our  website  to  discover  the  latest  award-winning  test  and  performance 
analysis  solutions  for  10  Gigabit  Ethernet,  VPN,  Firewall,  Routing,  Optical, 
SAN,  Wireless,  and  more,  www.spirentcom.com 


Analyze 


See  Us  at  N+l  Atlanta 
Booth  2235 


www.nwfusion.com 


9/9/02 


NetworkWorlri 


ipi 

TCP/IP,  LAN/WAN  SWITCHES 

■  ROUTERS  ■  HUBS 

■  ACCESS  DEVICES  ■  CLIENTS 

■  SERVERS  ■  OPERATING  SYSTEMS 

■  VPNS  ■  NETWORKED  STORAGE 


■  Hewlett-Packard  last  week 
launched  a  new  line  of  Unix  servers 
aimed  at  cost-conscious  buyers,  as 
it  tries  to  inject  new  life  into  its 
flagging  high-end  hardware  busi¬ 
ness.  HP  brought  out  three  new 
servers,  dubbed  the  05  series,  that 
use  slower  processors  than  its 
mainstream  Unix  line  and  are  only 
available  in  a  few  standardized  con¬ 
figurations. 

The  new  systems  are  available  in 
configurations  with  one  to  eight 
processors  and  come  with  10%  to 
40%  price  reductions  compared 
with  the  faster  Unix  servers  HP 
offers. 

The  discounted  05  series  could 
attract  customers  facing  tight 
budget  constraints  and  help  HP 
compete  against  Sun  on  low-end 
Unix  products.  The  major  trade-off 
with  the  new  HP  Server  rp2405, 
rp5405  and  rp7405  systems  is  their 
use  of  650MHz  PA-RISC  chips.  HP 
currently  ships  875-MHz  chips 
with  the  majority  of  its  Unix  hard¬ 
ware. 

The  rp2405,  with  one  processor, 
512M  bytes  of  memory  and  36G 
bytes  of  storage,  will  start  at  $4,800. 
The  rp5405  and  rp7405  will  cost 
$29,000  and  $50,600,  respectively. 
www.hp.com 

■  SMC  Networks  recently  an¬ 
nounced  the  TigerSwitch  SMC- 
8624T,  an  Ethernet  switch  with  24 
10/100/1000M  bit  ports,  for  about 
$160  per  port. 

The  box,  which  could  be  used  in 
server  farms  or  as  a  high-end  work¬ 
group  switch,  also  suppors  virtual 
LANs  and  management  with  Re¬ 
mote  Monitoring  and  SNMP  Version 
2.  Four  mini-gigabit  interface  card 
slots  also  come  on  the  box  for 
adding  copper-  or  fiber-based  Gigabit 
ports. 

The  SMC8624T  is  available  for 
$3,820.  Single-mode  fiber  lOOOBase- 
LX  mini-GBICs  cost  $865  and 
lOOOBase-SX  (single-mode  fiber) 
mini-GBICs  cost  $500.  The  redun¬ 
dant  power  supply  is  $840  extra. 
www.smc.com 


Net  storage  options  grow 


■  BY  DENI  CONNOR 

Network  executives  looking  for  ways  to 
back  up  data  have  several  new  options 
that  promise  inexpensive  data  protection 
and  recovery  at  faster  speeds  than  their 
tape-based  alternatives. 

Among  the  new  alternatives  is  Stor- 
active’s  LiveServ,  which  lets  administra¬ 
tors  make  copies  as  changes  to  data 
occurs,  compress  the  data,  store  it  to 
disk  and  then  back  it  up  to  tape  when 
time  permits. 

Customers  now  also  can  perform  back¬ 
ups  by  quickly  and  continuously  taking  a 
snapshot  of  a  disk  and  storing  it  on  inex¬ 
pensive  Advanced  Technology  Attach¬ 
ment  (ATA)  or  Integrated  Drive  Elec¬ 
tronics  (IDE)  disks  offered  by  Network 
Appliance,  EMC,  Quantum  and  Nexsan. 
IDE  and  ATA  drives,  commonly  used  in 
desktop  PCs,  are  attractive  as  backups  for 
network-attached  storage  devices  be¬ 
cause  they  are  getting  closer  in  cost  to 
tape,  which  is  less  expensive,  and  their 
recovery  capabilities  are  almost  100 
times  as  fast. 

“The  price,  capacity  and  reliability  is 
making  devices  like  cabinets  of  RAID  not 

See  Storage,  page  22 


Snapshot  back-up  products 

A  variety  of  storage  vendors  have  products  that  let  administrators  take 
current  copies  of  their  data.  Here’s  a  sampling: 


Company 

Product  name 

Platform 

BMC  Software 

Patrol  Recovery  for  Oracle 
with  Enterprise  Snapshot  for 
Unix 

Unix 

Computer  Associates 

BrightStor  Enterprise 

Backup  Image  Backup 

Unix,  Windows  2000,  NT 

EMC 

Timefinder,  Snapview/IP 

Mainframe,  Unix, Windows  NT 

IBM/Tivoli 

Enterprise  Storage  Server’s 
Advanced  Copy  Services, 

Tivoli  Storage  manager 

Unix,  Windows  2000,  NT 

Legato  Systems 

Snaplmage 

Network  Appliance 

Snap  Managerfor  Microsoft 
Exchange,  Snapshot  feature 
in  Data  ONTAP  OS, 
SnapRestore 

Windows  2000,  NT 

PowerQuest 

V2i  Protector 

Windows  2000,  NT 

Storactive 

LiveServ 

Windows  2000,  NT 

Veritas  Software 

NetBackup 

Unix,  Windows  2000,  NT 

Route  control  delivers  key  business 


■  BY  TIM  GREENE 

SAN  DIEGO  —  Route-control  technol¬ 
ogy  promises  to  deliver  mission-critical 
applications  with  the  lowest  possible 
latency  and  packet  loss,  all  at  the  lowest 
cost. 

So  when  Qualcomm  wanted  to  quickly 
deliver  the  latest  version  of  its  popular 
e-mail  program,  Eudora,  it  turned  to 
RouteScience  Technologies  and  its 
PathControl  gear. 

PathControl  and  other  route-control 
equipment  and  services  —  from  ven¬ 
dors  such  as  netVmg,  Proficient  Net¬ 
works  and  Sockeye  Networks  —  use 
policies  to  pick  the  optimal  Internet 
access  link  for  customer  traffic.  As  long 
as  the  customer  has  multiple  connec¬ 
tions  to  different  Internet  service  pro¬ 
viders,  route-control  technology  can 
pick  the  appropriate  one  based  on  cost, 
latency,  packet  loss  and  usage  priorities 


as  defined  by  customers. 

In  Qualcomm’s  case,  the  company  had 
three  partial  T-3  ISP  links  to  choose  from, 
to  AT&T.UUNET  and  Sprint.  At  the  time  of 
the  Eudora  upgrade  in  June,  the  Sprint 
line  was  still  being  tested,  but  the 
Qualcomm  IT  staff  pressed  it  into  service 
immediately  to  handle  the  Eudora 
demand. 

The  company  also  was  still  testing  the 
RouteScience  gear,  but  again  decided  to 
put  it  into  action  for  the  expected  deluge 
of  demand  for  the  Version  4.1  Eudora 
software,  says  Norm  Fjeldheim,  CIO  of 
Qualcomm.  If  PathControl  didn’t  work,  he 
could  just  shut  down  the  box  and  traffic 
would  flow  to  the  three  ISP  links  based  on 
routing  decisions  made  by  Border 
Gateway  Protocol  (BGP).So  there  was  no 
risk  that  the  equipment  would  make 
things  worse. 

As  customers  connected  to 
Qualcomm  servers  to  download  the 


Eudora  update,  PathControl  determined 
how  fast  each  ISP  link  could  deliver  the 
data.  Based  on  that,  PathControl,  which 
is  connected  to  the  Qualcomm  network 
as  a  BGP  peer,  issued  BGP  route  changes 
to  direct  the  downloads  to  the  best  ISP 
connection. 

BGP  chooses  routes  based  solely  on 
which  one  takes  the  fewest  hops 
between  routers,  without  considering 
delay,  cost  or  other  factors.  As  a  result, 
BGP  was  directing  most  of  Qualcomm’s 
traffic  to  UUNET,  which  controls  much  of 
the  Internet  backbone. 

With  its  three  ISP  links  and  a  Path- 
Control  box,  Qualcomm  released  the  soft¬ 
ware  two  weeks  ahead  of  schedule  and 
did  so  without  running  into  congestion, 
Fjeldheim  says,  despite  peak  traffic  of 
60,000  of  the  8M-byte  Eudora  downloads 
per  day. 

Using  its  servers  exclusively  for  deliver- 

Qualcomm,  page  22 
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Shakespeare  wrote,  “What’s  in  a 
name?  That  which  we  call  a  rose  by 
any  other  name  would  smell  as 
sweet.”  But  evidently  new  Caldera  CEO 
Dari  McBride  thinks  that  the  right  name 
could  make  all  the  difference  for  a  com¬ 
pany  struggling  with  identity. 

Caldera  was  born  when  Ray  Noorda 
left  Novell,  acquired  the  rights  to  Novell 
DOS  (formerly  DR  DOS,  from  Digital 
Research)  and  launched  an  antitrust  suit 
against  Microsoft.  Later  on,  the  company 
got  the  Linux  religion  —  most  likely,  in 
great  part,  because  it  was  another  anti- 
Microsoft  move.  Caldera’s  OpenLinux 
had  potential  but  little  marketing  savvy, 


Infrastructure _ 

The  name  game,  Caldera  style 


and  languished. 

This  year,  the  company  joined  with 
three  other  Linux  vendors  (SuSE, 
Connectiva  and  TurboLinux)  to  create 
UnitedLinux  —  a  core  which  would  be 
used  by  all  four  companies.  But  the  offi¬ 
cial  title  of  Caldera’s  product,  “Caldera 
OpenLinux  powered  by  UnitedLinux,”  is 
certainly  never  going  to  become  a 
catchphrase. 

Along  the  way,  Caldera  acquired  most  of 
the  former  Santa  Cruz  Operation  (SCO) 
including  its  fairly  lucrative  intellectual 
property  rights  to  versions  of  Unix  derived 
from  the  former  AT&T  Bell  Labs  Unix 
System  5  (by  way  of  Unix  System  Lab¬ 
oratories,  which  was  briefly  owned  by  — 
of  all  people  —  Novell!). That  was  curious 
at  the  time  because  it  meant  that  Caldera’s 
chief  competitor  was  —  Caldera!  The 
Unix-based  OpenServer  and  UnixWare 
from  SCO  were  being  sold  alongside 
Caldera’s  OpenLinux.  Many  people  found 
it  hard  to  tell  them  apart. 


In  his  new  role  as  Caldera  honcho, 
McBride  has  decided  that  Linux  isn’t  key 
technology  (so  it’s  shipped  off  to  the  new 
UnitedLinux  group),  DR  DOS  is  passe  (so 
it’s  not  even  mentioned),  and  the  SCO 
name  should  be  resurrected  because  it  at 
least  has  some  recognition. 

When  he  made  the  announcement  a 
few  weeks  ago  at  the  company’s 
GEOForum  meeting,  it  was  met  with  a 
standing  ovation. That  could  be  because 
the  crowd  was  made  up  almost  entirely 
of  veteran  SCO  resellers.  More  telling, 
though,  was  that  many  erstwhile  Caldera 
employees  couldn’t  decide  how  to  pro¬ 
nounce  the  new  name  (the  SCO  Group) 
—  was  it  “skowe”  or  “ess  see  oh”?  Some 
used  one,  some  the  other,  and  some 
even  hedged  their  bets  by  alternating 
the  two. 

The  end  result  seemed  to  be  that  no  one 
had  thought  out  the  change  in  detail. The 
change  might  help  hold  on  to  wavering 
SCO  clients,  but  the  confusion  won’t  help 


www.nwfusion.com 


bring  in  new  clients. 

Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquill.  com. 


Tip  of  the  Week 


Rumors  heard  in  dark 
alleys  seem  to  indicate 
'  that  NetWare  6.1  will  ship 
before  Microsoft's  .Net 
Server,  which  will  put 
Provo  three  releases  up 
I  (NetWare  5.1,  6  and  6.1)  to 
Redmond's  one  (Windows 
2000  server).  Perhaps 
there  is  some  truth  to  the 
I  “smaller,  leaner"  formula! 


IDA/ATA  drives  cost  about  $8,000  to 
$10,000  per  terabyte,  while  tape  ranges 
from  $3,000  to  $10,000  per  terabyte  for 
storage  access  that  is  as  much  as  100 
times  slower. 


Qualcomm 

continued  from  page  22 

ing  updates  was  a  change  for 
the  company.  It  had  been  guar¬ 
anteeing  quick  response  time 
using  service  provider  Akamai 
Technologies  to  cache  copies 
of  new  Eudora  releases  at  key 
locations  throughout  the 
Internet.  But  going  it  alone 
worked  fine  and  had  other  ben¬ 
efits.  “It’s  much  cheaper  than 
Akamai,”  Fjeldheim  says, 
because  all  it  requires  is  using 
the  Internet  connections  that 
were  already  in  place  to  handle 
other  Internet  traffic. 

Bandwidth  not  the  answer 

Qualcomm  was  buying  the 
Sprint  Internet  connection 
because  users  had  experienced 
delay  connecting  to  Qualcomm 
over  the  other  two  links, 
Fjeldheim  says.  He  felt  his  only 
option  was  to  throw  more  band¬ 
width  at  the  problem,  but  when 
he  heard  about  route-control 
technology,  decided  to  try 
RouteScience. 

In  addition  to  helping  smooth 
out  the  glut  of  traffic 
Qualcomm  experienced  during 
the  Eudora  release,  route  con¬ 
trol  also  cut  down  on  delay 
between  Qualcomm’s  San 
Diego  headquarters  and  its 
offices  in  China.  Delays  had 
been  200  msec,  and  that 
dropped  to  100  msec  with  the 
addition  of  the  RouteScience 
box, says  Ray  Buccat,  director  of 
Qualcomm’s  corporate  IT  net¬ 
working. 

RouteScience:  www.  route 

science.com 


Storage 

continued  from  page  21 

as  necessary  as  they  were  two 
years  ago.These  devices  represent 
to  us  a  cheap,  efficacious  storage 
media,”  says  Tom  Hickman,  engi¬ 
neering  operations  manager  at 
online  back-up  provider  Con¬ 
nected  in  Framingham,  Mass. 

According  to  industry  ob¬ 
servers,  IDE/ATA  drives  cost 
about  $8,000  to  $10,000  per  ter¬ 
abyte,  while  tape  ranges  from 
$3,000  to  $10,000  per  terabyte  for 
storage  access  that  is  as  much  as 
100  times  slower. 

Backing  up  data  to  tape  is  slow 
and  as  the  amount  of  data  on 
the  network  increases  and  allot¬ 
ting  sufficient  time  to  perform 
system  backups  may  be  unten¬ 
able.  When  tape  backup  is  occur¬ 
ring,  application  use  is  interrupt¬ 
ed,  leaving  workers  with  little  to 
do.As  a  result, snapshot  backups 
and  disk-based  replacements, 
which  back  up  data  in  real  time, 
have  become  popular  replace¬ 
ments  for  tape. 

Among  the  advantages  of 
employing  disk-based  snapshot 
backups  are: 

•  Backups  can  occur  continu¬ 
ously  throughout  the  day,  elimi¬ 
nating  the  need  to  take  down  the 
network  to  back  up  data. 

•  Because  data  is  backed  up 
more  often,  it  is  more  current 
and  less  data  is  lost  if  a  failure 
occurs. 

•  Data  can  be  more  quickly 
recovered  from  disk  that  it  can 
from  tape. 

•  The  secondary  disk,  which  is 
used  as  a  temporary  location 
for  data,  can  be  backed  up  with¬ 


out  affecting  the  network’s  pri¬ 
mary  storage. 

Snapshot  backups  give  users  all 
the  advantages  and  more  of  real¬ 
time  data  mirroring.  Because  they 
take  real-time  images  of  the  disk 
at  scheduled  times,  if  a  virus  hits 
the  disk  or  corruption  occurs, 
they  easily  can  be  rolled  back  to  a 
point  before  the  corruption 
occurred,  leaving  a  clean  system 

The  frequency  an  administra¬ 
tor  elects  to  take  snapshot 
depends  on  the  amount  of  data 
a  business  can  afford  to  lose  if 
there  is  a  failure  and  the  type  of 
data  it  is.  For  instance,  if  the 
backup  is  of  the  business-critical 
financial  data  on  an  Oracle  data¬ 
base,  administrators  might  want 
to  schedule  as  many  images  in  a 
day  as  possible.  Snapshot  back¬ 
up  software  lets  as  many  as  92 
versions  of  the  data  be  taken,  let¬ 
ting  a  network  be  backed  up 
almost  every  15  minutes,  thus 
providing  that  no  more  than  15 
minutes  of  data  loss. 

Although  Hickman  doesn’t  use 
snapshot  backup,  he  understands 
the  lure  of  the  technology. 

“We  built  a  redundant  storage 
mechanism  before  any  of  the 
technology  was  available,” 
Hickman  says.  “If  we  were  start¬ 


ing  out  today,  we  would  certainly 
give  a  hard  look  at  [Network 
Appliance’s]  SnapManager  and 
EMC  Centera  because  we  would¬ 
n’t  have  had  to  build  all  the 
redundancy  into  the  software  we 
use  to  back  up  our  customers.” 

Hickman  uses  EMC’s  ATA- 
based  Centera  to  archive  less-fre- 
quently  used  back-up  data 
before  moving  it  to  tape. 

The  number  of  snapshots  a 
customer  takes  also  depends  on 
the  storage  capacity  available  on 
the  device,  as  each  image  can 
consist  of  the  portion  of  data 
that  has  changed  since  the  last 
snapshot  was  taken  (called 
changed  block  snapshot)  or  of 
the  entire  contents  of  the  disk. 

Recent  changes  to  snapshot 
backups  not  only  take  a  picture 
of  the  data,  but  also  allow  the 
state  of  the  system  to  be  saved  to 
a  CD-ROM  so  that  if  a  server  fails, 
it  can  easily  be  restored  without 
re-installing  the  operating  sys¬ 
tem,  patches,  service  packs  and 
applications.  PowerQuest  recent¬ 
ly  announced  its  V2i  Protector, 
which  lets  administrators  per¬ 
form  “bare  metal”  restores  of 
Windows  2000  and  NT  servers 
from  CD-ROM. 

Storactive’s  LiveServ  will  pro¬ 


tect  Win  2000/NT, and  .Net  server 
when  it  is  available. 

Both  products  compete  with 
products  already  available  on 
the  market  from  Veritas,  Network 
Appliance  and  EMC.  They  work 
with  traditional  back-up  software 
from  Veritas  Software,  Legato 
Systems,  Computer  Associates  or 
IBM/Tivoli. 

Further,  a  number  of  vendors 
provide  storage  arrays  assem¬ 
bled  from  ATA  or  IDE  drives, 
whose  price  approaches  that  of 
tape  storage.  These  drives,  which 
are  almost  as  fast  and  reliable  as 
their  more  expensive  SCSI  or 
Fibre  Channel  drives,  are  ganged 
up  in  enclosures  and,  like  their 
SCSI  and  Fibre  Channel  counter¬ 
parts,  can  be  hot-swapped  when 
failures  occur  and  configured  as 
RAID  drives  for  protection.  EMC, 
Quantum,  Network  Appliance 
and  Nexsan  are  a  few  of  the  ven¬ 
dors  of  ATA/IDE  drives  for  net¬ 
work  storage  environments. 

Storactive’s  LiveServ  is  $800 
per  server;  additional  modules 
for  backing  up  Exchange  and 
SQL  Server  are  available  for 
$800  per  server.  The  software  is 
available  now.  ■ 


More  online! 


Get  up  to  speed  on  the  latest  storage 
technology  and  solutions. 
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THE  STRAIGHT  GOODS  ON  SYBASE  DATABASES 


THINKTHE 


DATABASE 

WARS 


ARE  OVER? 


YOU  CANT  SELL  THAT  ON 

WALL  STREET. 


The  Software 
Integration  Company. 

We  can  help  you  integrate 
all  the  data  and  business 
applications  in  your 
enterprise  and  extend 
them  to  any  location  in 
the  world.  So  you  can 
improve  efficiency  while 
preserving  your  existing 
infrastructure  investments. 

L.  A 


Sybase  knows  a  few  things 
about  the  financial  services 
industry.  After  all,  our  database 
technology  powers  more  than 
half  the  trades  on  Wall  Street. 
And  our  subsidiary,  iAnywhere 
Solutions,  is  the  mobile  database 
leader  and  the  fastest  growing 
vendor  in  the  embedded 
database  market. 

But  we're  not  just  big  on 
database  market  share.  We’re 
big  on  databases.  How  big? 

Our  robust  relational  database 
management  systems  are 
capable  of  powering  the  world's 
largest  data  warehouses.  And 
nearly  half  the  phone  calls  in 
the  People's  Republic  of  China 
depend  on  Sybase  technologies. 

So  it's  safe  to  say  the  database 
wars  are  far  from  over.  In  fact, 
they've  only  just  begun.  Visit 
sybase.com/integrationsolutions 
for  more  information  on  Sybase's 
wide  range  of  database  and 
integration  products. 


i  Sybase 

Information  Anywhere" 


SYBASE  DATABASE  TECHNOLOGY. 

EVERYTHING  WORKS  BETTER  WHEN  EVERYTHING  WORKS  TOGETHER.' 


c2002  Sybase.  Inc.  and  Financial  Fusion,  Inc.  All  rights  reserved.  All  trademarks  are  the  property  of  their  respective  owners. 
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Experio  is  a  global  IT  consultancy  and  unit  of  Hitachi  Ltd.  Hl^PSHP 

Shoreline  supports  the  company  with  an  integrated  IP 

voice  system  linking  800  users  and  18  Experio  offices  throughout  the  U.S. 


Per  Site  Aquisition  Costs 


SHORELINE  LEGACY  PBX  NET  SAVINGS 


Equipment  Network  Upgrades 

$30,000 

$60,000 

$30,000 

Installation  -  Hard  Costs 

$0 

$1,700 

$1,700 

%  Total  Per  Site  Aquisition  Costs 

$30,000 

$61,700 

$31,700 

Total  Aquisition  Costs  (XI 6) 

$480,000 

$987,200 

$507,200 

Annual  Costs 

Management 


S3  9, 600  $72,000 

Maintenance  (Based  on  10.1%)  $48,480  $129,280 

Long  Distance  $30,000  $151,000 


TCO  Per  Year 


$118,080  $352,280 


$32,000 

$80,800 

$121,700 

$234,200 


Total  Savings  Over  5  Years 


$1,678,200 


“ Shoreline  reduced  our  system  acquisition  and 
installation  costs  by  more  than  $500K,  and 
helped  us  reduce  our  ongoing  voice  network 
expenses  by  more  than  $200K  per  year.” 

Michael  Shisko,  IT  Director,  Experio  Solutions 


Shoreline’s 
IP  Phone  * 
System  Saved 


$1.6  million 


Your  existing  phone  system  is  costing  you  more  money 

than  you  think.  To  learn  how  a  Shoreline  IP  Voice  System  can  drastically 

reduce  your  company  phone  expenses  while  adding  more  features  and  solid 

reliability,  call  1-877-80SHORE  or  visit:  http://savings.goshoreline.com 


4  Shoreline 
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Robust  IP  Phone  Systems 
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NetWorker 


SERVICES  AND  STRATEGIES 
FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


HomePlug  units  easy  to  use  but  slow 


Net  Results 


4.0 


’RATING 

Phonex  NeverWire  14 

Company:  Phonex 
Broadband,  (800)  257-0601, 
www.phonex.com  Price: 
$129  MSRP 


3.3 


RATING 


3.2, 


Linksys  EtherFast  10/100 
Bridge  and  USB  Adapter 

Company:  Linksys,  (800) 
546-5797,  www.iinksys.com 

Price:  $99  MSRP 


■  RATING 

NetGear XE602 

Company:  NetGear,  (888) 
638-4327,  www.netgear.com. 
Price:  $119  MSRP 


3.1 


RATING 


Asoka  PlugLink  Ethernet 
and  USB  Bridges 

Company:  Asoka  USA, 
(650)  591-3782,  www. 
asokausa.com  Price:  $99 
MSRP 


What’s  the  score? 

Phonex 

Linksys 

NetGear 

Asoka 

Setup  30% 

4 

4 

3 

4 

Gloseness  to  ‘idiot-proof  30% 

4 

3 

3 

3 

Manual  20% 

4 

3 

3 

3 

Mounting  flexibility  20% 

4 

3 

4 

2 

TOTAL  SCORE 

4.0 

3.3 

3.2 

3.1 

Individual  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given  each  category  in  determining  the  total  score.  ■ 
Scoring  Key:  5:  Exceptional  showing  in  this  category.  Defines  the  standard  of  excellence.  4:  Very  good  showing.  Although  there  may  be  room  for 
improvement,  this  product  was  much  betterthan  the  average.  3:  Average  showing  in  this  category.  Product  was  neither  especially  good  nor  exceptionally 
bad.  2:  Below  average.  Lacked  some  features  or  lower  performance  than  other  products  or  than  expected.  1:  Consistently  subpar,  or  lacking  features 
being  reviewed. 


■  BY  JAMES  GASKIN 

Good  news  from  the  networking-over- 
home-power-line  world:  Products  adhering 
to  the  new  HomePlug  Version  1 . 1  specifi¬ 
cation  are  easy  to  use,  reliable  and  interop¬ 
erable.  The  bad  news:  Speed  ratings  for 
HomePlug  (14M  bit/sec  maximum)  are, 
shall  we  say,  overly  optimistic. 

Four  vendors  — 
Asoka  USA,  Link¬ 
sys,  NetGear,  and 
Phonex  Broad¬ 
band  —  provided  HomePlug-certified 
products  for  review.  You  connect  these 
power-line  transceivers  (a  good  technical 
term  for  these  devices)  to  client  comput¬ 
ers  via  Ethernet  or  USB,  and  use  Ethernet 
to  connect  to  network  hubs,  other  PCs  or 
broadband  modems. 

Home  building  codes  require  power  out¬ 
lets  at  12-foot  intervals  on  every  wall. 
Because  of  this,  the  modern  home  aver¬ 
ages  45  plugs.Telephone  jacks  do  not  have 
the  same  saturation,  pushing  home  net¬ 
work  vendors  toward  wireless  or  power¬ 
line  foundations.  Wireless  gets  most  of  the 
hype,  but  HomePlug  makes  power-line  net¬ 
working  an  outstanding  complement  to 
wireless  and  a  viable  option  for  your  home- 
based  workers. 

Running  data  over  power  lines  is  safe 
and  relatively  immune  from  interference 
from  powered  devices.  The  frequency 
used  for  data  traffic  is  4  MHz  to  21  MHz, far 
from  the  standard  110-volt  power  range, 
although  the  HomePlug  specification  lets 
devices  change  frequencies  and  “adapt” 
to  noisy  environments. 


But  promised  speeds  of  14M  bit/sec 
never  materialized,  or  got  anywhere  close. 
To  eliminate  every  possible  variable,  we 
plugged  each  pair  of  units  into  the  same 
plug  strip  to  test  installation  and  data  trans¬ 
fer  speeds  (running  up  and  down  stairs 
dozens  of  times  for  testing  gets  old  quick). 
HomePlug  standards  strongly  recommend 
avoiding  all  types  of  extension  cords, surge 


suppressors  and  battery  back-up  systems, 
and  to  plug  the  units  directly  into  the  wall 
socket.  For  my  tests,  however,  1  used  a  plug 
extension  strip  to  isolate  HomePlug  traffic 
within  the  strip  and  require  network  travel 
of  only  a  few  inches  to  eliminate  all  vari¬ 
ables  found  in  homes,  such  as  interference 
from  other  power  sources  (see  How  we  did 
it,  www.nwfusion.com,  DocFinder:  2132). 

Transferring  a  lOM-byte  WAV  file  took 
each  brand  of  device  about  20  seconds, 
plus  or  minus  10%.  Averaged  over  three 
transfers,  Phonex  came  in  first  at  19.64  sec¬ 
onds  average,  while  the  Linksys  with  a  USB 
connection  took  22.02  seconds  (the 
Ethernet  Linksys  transferred  the  file  in 
21.06  seconds,  on  average).  Because  all 
units  use  the  same  fundamental  chipset, 
close  performances  were  expected,  but 
seeing  the  rates  max  out  at  just  over  500K 
bit/sec  was  disappointing. 

We  then  used  the  HomePlug  devices  to 
reach  out  through  a  cable  modem  to 
www.bandwidthplace.com  on  the  Inter¬ 
net,  and  it  showed  a  transfer  rate  of  more 
than  2M  bit/sec.  While  these  numbers 
seem  contradictory,  they  show  the  prob¬ 
lems  that  arise  when  testing  system  per¬ 
formance.  Protocols,  operating  systems 


and  networking  hardware  all  interact  to 
the  detriment  of  reliable  performance 
testing.  My  tests  are  not  scientifically  defin¬ 
itive,  but  should  serve  as  a  warning  about 
high-speed  promises. 

Phonex  NeverWire  14 

Phonex  uses  only  Ethernet  connections 
for  power-line  gear.  Because  many  PCs 
come  with  Ethernet  ports  and  those  that 
don’t  can  be  updated  for  less  than  $30, 
Phonex  can  get  away  with  selling  a  single 
product.The  fact  that  installation  and  setup 
of  Phonex  NeverWire  14  products  is  nearly 
idiot-proof  makes  an  Ethernet  upgrade 
worthwhile  if  necessary 

Kudos  to  Phonex  for  the  best  manual  (76 
pages,  including  an  index  and  glossary)  as 
and  the  best  Quick  Start  guide.  The  two- 
step  process  worked  for  me.  Plug  the 
NeverWire  14  units  into  a  powerline.  Plug 
the  included  Ethernet  cables  in,  and  you’re 
networked.There  is  no  software  to  load. 

Of  course,  my  Ethernet-enabled  PCs  are 
already  configured  to  use  Dynamic  Host 
Configuration  Protocol  (DHCP)  to  join  a 
network,  and  your  remote  workers  might 
have  to  enable  that  first  (see  related  story, 
See  HomePlug,  page  26 


Takes 

■  Linksys  recently  announced  a  bridge 
that  connects  Ethernet  devices  to 
802.11b  networks.  The  Instant  Wire¬ 
less  Ethernet  Bridge  lets  home  net 
works  and  entertainment  devices  swap 
and  store  music,  games  and  video  files, 
and  share  a  high-speed  connection.  In 
corporate  networks,  the  bridge  substi¬ 
tutes  as  a  wireless  adapter  for  any  PC, 
Mac  or  Linux  system,  and  can  be  used 
to  create  temporary  wireless  setups 


between  Ethernet  devices,  such  as 
routers  and  hard  disks.  Attached  to  a 
hub,  the  bridge  can  link  a  30-client  work¬ 
group  to  an  802.11b  network.  The  bridge 
costs  about  $130.  www.linksys.com 

■  Although  devastated  by  the  crash  of 
the  travel  industry,  the  hotel  broad¬ 
band  market  will  get  a  boost  by  mid¬ 
year,  stated  a  recent  report  from  In- 
Stat/MDR.  “Pay-per-View  or  Free  Sham¬ 
poo:  Where  is  Hotel  Broadband  Head¬ 
ed?"  predicts  equipment  revenue  growth 
will  jump  by  about  250,000  ports  per  year 
after  2003,  resulting  in  an  annual  equip¬ 
ment  revenue  of  $286  million  by  2006. 
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HomePlug 

continued  from  page  25 

DocFinder:  2131).  But  Phonex  deserves 
credit  for  ease  of  installation. 

Unlike  the  others,  NeverWire  14  devices 
include  two  buttons  along  with  five  status 
lights.  The  Test  button  starts  a  search  for 
other  Phonex  NeverWire  14  boxes  and 
blinks  the  Test  status  light  for  each  device  it 
finds  (up  to  16  Phonex  devices  are  sup¬ 
ported  per  HomePlug  network). 

The  Security  button  initiates  a  process  in 
which  units  communicate  to  set  the  Home- 
Plug-standard  56-bit  encryption  scheme. 
Once  you  press  the  Security  button  on  one 
unit, you  must  press  the  Security  button  on 
all  other  transceivers  within  5  minutes  to  let 
Phonex  enable  encryption. 

Of  the  four,  these  are  the  biggest  units, 
larger  than  a  fat  paperback  book,  but  they 
offer  the  most  mounting  versatility  You  can 
stand  them  up, lay  them  flat  or  mount  them. 

You’ve  likely  never  heard  about  Phonex 
because  the  14-year-old  firm  only  recently 
entered  the  retail  market  after  years  of  mak¬ 
ing  products  for  other  companies.  But  its  14 
years  of  designing,  developing  and  manu¬ 
facturing  power-line  products  lets  it  hit  a 


home  run  right  out  of  the  first  retail  box. 

Linksys  EtherFast  10/100  Bridge  and 
USB  Adapter 

Linksys  offers  devices  with  Ethernet  or 
USB  connections,  but  sells  much  more 
Ethernet.  The  company  says  customers 
often  use  power-line  connections  to  com¬ 
plement  wireless  systems  and  stretch  the 
network  to  places  wireless  can’t  reach, 
such  as  basements.  Offering  Ethernet  and 
USB  connections  lets  customers  buy  the 
same  brand  of  transceivers  for  desktops 
with  Ethernet  cards  and  laptops  with  USB 
connections. 

But  unlike  the  Phonex  gear,  Linksys 
requires  files  to  be  loaded  on  the  client  PC 
before  you  get  going.  What’s  more,  the 
Ethernet  and  USB  boxes  look  nearly  identi¬ 
cal,  and  their  installation  CDs  are  identical 
except  for  a  small  label,  which  can  be  prob¬ 
lematic  if  you’re  using  both  types  of  prod¬ 
ucts  and  not  paying  close  attention. 

After  configuring  the  power-line  trans¬ 
ceiver  and  rebooting, my  PCs  found  the  net¬ 
work.  A  security  application  loads  to  the 
client,  letting  you  activate  the  56-bit  encryp¬ 
tion  scheme  if  you  choose. 

Linksys  transceivers  lay  flat,  but  can  stand 


on  their  edge.  Cables  go  to  each  end  of  the 
transceivers,  making  these  units  good  can¬ 
didates  for  laying  on  the  floor. 

NetGear  XE602 

NetGear’s  silver  transceivers  offer  style 
and  performance.  About  the  size  of  a  slim 
paperback,  the  XE602  (Ethernet)  and 
XE601  (USB  but  not  tested)  come  with  a 
stand  for  vertical  use,  lay  flat  or  attach  to  the 
wall.  NetGear  even  puts  screws  in  the  box 
to  make  mounting  easier. 

Too  bad  the  company  didn’t  put  that 
much  thought  into  its  installation  docu¬ 
mentation.  No  quick  guide  and  no  paper 
manual,  just  a  file  on  the  installation  CD. 
The  installation  routine  puts  the  security 
configuration  utility  on  the  client  PC  just  as 
the  Linksys  unit  did. 

Asoka  PlugLink 

New  to  the  U.S.  but  part  of  a  20-year-old 
Taiwan  company  Asoka  enters  the  fray  with 
an  industrial-looking  but  small  metal  box. 
An  installation  CD,  much  like  that  from 
Linksys  and  NetGear,  loaded  the  proper 
USB  drivers  and  security  utility  One  test  PC 
still  has  the  original  Windows  98  installed, 
and  Asoka  balked  when  it  didn’t  find 


W98SE,but  it  worked  once  the  drivers  were 
copied  manually  from  the  CD  to  the  client. 

Documentation  was  a  small  manual  cov¬ 
ering  the  USB  client  and  Ethernet  bridge 
transceiver  installation.  However,  the 
accompanying  press  materials  included  a 
color-quick  setup  guide  and  much  larger, 
more  complete  manual. 

The  transceivers  must  be  laid  flat  because 
the  vent  holes  are  on  the  sides  and  would 
be  blocked  partially  if  placed  vertically. 

These  appear  to  be  the  first  products  in  a 
home  network  line.  They  are  solid  if  not 
flashy  and  perform  as  well  as  the  others 
once  configured. 

My  tests  didn’t  find  major  differences 
between  the  units.Technicallythey  are  sib¬ 
lings,  with  packaging  and  installation 
details  defining  the  differences.  Unlike 
many  product  reviews,  the  spread  isn’t 
between  good  and  bad  but  between  pretty 
good  and  slightly  better.  Each  product  does 
what  it  promises  —  provides  simple  net¬ 
work  connections  —  even  if  throughput 
wasn’t  as  fast  as  I’d  hoped  (see  related  story, 
DocFinder:  2131). 

Gaskin  is  a  technology  writer  in  Dallas.  He 
can  be  reached  at  readers@gaskin.com. 
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How  will  you  know  where  he’s  been, 

and  what  damage  he’s  done? 


Tripwire  is  The  Data  Integrity  Assurance  Company 


Tripwire®  establishes  a  baseline  of  data  in  its  known  good 
state,  monitors  and  reports  any  changes  to  that  baseline, 
and  enables  rapid  discovery  and  recovery  when  an 
undesired  change  occurs. 

Foundation  for  Data  Security 

■  Ensure  the  integrity  of  your  data 

■  Instant  assessment  of  system  state,  reporting 
“integrity  drifts’’ 

Maximize  System  Uptime 

■  Eliminate  risk  and  uncertainty 

■  Enable  quick  restoration  to  a  desired  state 
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Increase  Control  and  Stability 

■  Ongoing  monitoring  and  reporting 

Lower  Costs 

■  Find  and  fix  problems  quickly  and  precisely  - 
no  more  guess  work 

Your  firewalls  and  intrusion  detection  tools  alone  are 
not  enough  to  keep  systems  trustworthy.  Tripwire's  data 
integrity  assurance  products  are  the  only  way  to  know  with 
100%  confidence  that  your  data  remains  uncompromised. 
For  nearly  10  years  Tripwire  has  been  helping  IT 
professionals  know  exactly  what’s  changed  on  their 
systems,  and  helping  them  to  recover  quickly. 


For  a  FREE  30-day 
fully-functional  eval, 

call  toll-free  1.800.TRIPWIRE 
(874.7947)  or  visit 

http://networld.tripwire.com 

today! 
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There's  never  been  a  better  time  to  see  how  Fluke 
Networks  handheld  test  tools  can  turn  your  team 
into  powerful  problem  solvers.  Now's  the  time  to 
check  out  the  most  powerful  line  of  network  trou¬ 
bleshooting  tools  ever  designed.  Tools  for  everything 
from  connectivity  testing  to  fixing  traffic  jams  and 
configuration  snafus.  Why  now?  Because  they  can 
also  show  you  some  other  amazing  vistas.  Like  a  free 
trip  to  see  Paris  from  the  Eiffel  Tower.  Rio  from  Sugar 
Loaf  Mountain.  Japan  from  Mt.  Fuji.  Zimbabwe  from 
Victoria  Falls.  Or  the  Grand  Canyon  from  the  South 
Rim.  It's  the  perfect  opportunity  to  see  more  of  your 
world  at  play  —  and  more  of  your  world  at  work.  So 
go  to  www.flukenetworks.com/vista  now  and  take 
a  tour  of  our  new  troubleshooting  solutions.  Then 
register  to  win  the  trip  of  a  lifetime.  Bon  voyage! 


Go  to  www.flukenetworks.com/vista  to  take  a 
virtual  tour  and  enter  to  win  a  trip  of  a  lifetime! 

For  official  rules  and  regulations  go  to  www.flukenetworks.com/vistarules 
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pfi  ^  '  The  fact  is,  if  your  network  isn’t  protected  by  NetScreen,  you 

-]  could  be  far  from  safe.  You  see,  technological  advances  don’t 

. 

i-  T  only  occur  in  the  corporate  world.  Predators  —  inside  and 

;  outside  your  network  —  have  also  made  leaps  and  bounds. 

Trojan  Horses.  Worms.  Nimda.  Code  Red.  Denial  of  Service 
attacks.  All  emerging  threats  that  many  legacy  security 
solutions  just  can’t  handle. 


NetScreen  can.  NetScreen’s  line  of  purpose-built  security 
systems  and  appliances  has  the  flexibility  and  performance 
to  handle  new  threats.  And  evolve  with  them.  Keeping  not 
only  the  central  site  connected  and  secure,  but  also  your 
wireless  LANs  and  remote  offices.  NetScreen’s  solutions 
offer  integrated  VPN,  firewall  and  network  attack  blocking. 
All  of  which  are  key  to  keeping  predators  under  control. 
And  your  entire  enterprise  out  of  trouble.  Find  out  more 
about  securing  your  place  at  the  top.  Download  a  white  paper 
on  protecting  your  network  from  the  new  generation  of 
security  threats  at  www.netscreen.com/ad/na_nw. 
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Lighting  a  Path 

Cisco  COMET  portfolio  provides  an  optical  solution  to  demanc 


BY  NOW  enterprises  have  learned  only  too  well  that  provid¬ 
ing  network  resiliency  is  a  business  imperative,  not  a  luxury. 
But  questions  remain  in  terms  of  how  best  to  ensure  that  a 
company  can  recover  from  any  type  of  disaster,  and  that 
employees  have  uninterrupted  access  to  the  services  and 
applications  they  need  to  do  their  jobs. 


The  issue  comes  down  to  two 
words:  protection  and  agility. 

Enterprises  need  to  protect  their  net¬ 
works  from  any  single  point  of  failure, 
while  being  agile  enough  to  rapidly 
recover  from  a  disruption  and  deploy 
applications  wherever  they  are  need¬ 
ed.  While  these  are  hardly  new  con¬ 
cepts,  they  have  taken  on  new 
urgency. 

That  sense  of  urgency  is  leading 
some  users  to  discover  new  ways  to 
meet  the  demands  for  protection  and 
agility.  A  prime  example  is  optical 
network  technology,  as  embodied  in 
the  Cisco  Systems  Complete  Optical 
Multi-service  Edge  and  Transport 
(COMET)  portfolio.  Cisco  COMET  is 
a  comprehensive  product  portfolio 
designed  to  integrate  voice,  video, 
data  and  storage  applications  over  a 
single,  end-to-end  multiservice  opti¬ 
cal  network.  Cisco  COMET  enables 
enterprises  to  deploy  highly  fault 
tolerant  networks  that  have  the  band¬ 
width  and  flexibility  required  to 
support  applications  such  as  data 
mirroring  and  backup,  storage-area 


networks  (SAN),  network-attached 
storage  (NAS)  and  voice  over  IP, 
which  can  be  critical  lynchpins  in 
a  comprehensive  disaster  recovery 
plan. 

"Every  enterprise  must  develop 
plans  and  procedures  to  become  a 
resilient  organization,"  writes  David 
Neil,  editor  in  chief  of  the  Enterprise 
Networking  segment  of  Gartner,  Inc.’s 
recent  Spotlight  series  of  reports  on 
building  resilient  organizations.  "Not 
having  such  a  strategy  places  the 
enterprise  at  enormous  risk  and  could 
leave  it  in  a  situation  from  which  it 
may  never  recover.” 

Building  in  Resiliency 

From  an  IT  perspective,  reducing 
the  risk  of  a  business-threatening 
event  starts  with  designing  a  network 
that  provides  for  high  availability, 
with  no  single  point  of  failure  and 
rapid  recovery  times. 

Guaranteed  access  to  data  is  anoth¬ 
er  must,  one  that  is  driving  many 
enterprises  to  build  SANs  and  NAS 
facilities.  In  either  case,  a  geographi¬ 


cally  separate  backup  storage  facili¬ 
ty,  if  not  an  entire  backup  data  center, 
is  required. 

This  presents  a  challenge  for  many 
enterprises  given  the  vast  difference 
in  bandwidth  typically  available  in  a 
LAN  environment  vs.  a  MAN  orWAN. 
Enterprises  can  meet  that  challenge 
using  optical  technology,  lighting  up 
dark  fiber  or  individual  wavelengths 
to  construct  a  metro  IP  network  that 
provides  the  high  bandwidth  and  net¬ 
work  resiliency  that  applications  like 
storage  require. 

“The  CISCO  COMET  portfolio  is 
designed  to  keep  business  opera¬ 
tions  functioning  in  the  event  of  a  fail¬ 
ure,  with  the  ability  to  recover  from  a 
fiber  outage  in  less  than  50  ms,”  says 
Chris  McGugan,  senior  manager, 
technology  marketing  for  Cisco. 
“We've  spent  time  with  companies 
like  IBM  and  EMC  in  getting  Cisco 
optical  solutions  certified  for  deploy¬ 
ment  with  their  storage  systems,  so 
that  we  meet  their  latency  and  dis¬ 
tance  requirements.” 

Cisco  has  also  worked  to  ensure 
that  all  the  benefits  inherent  in  its 
Architecture  for  Voice,  Video  and 
Integrated  Data  (AVVID)  extend  to 
Cisco  COMET.  AVVID  is  a  frame¬ 
work  for  leveraging  the  intelligent 
network  features  inherent  in  the 
Cisco  IOS  and  Catalyst  operating 
systems  to  provide  security  features 
such  as  authorization,  authentication 
and  accounting.  AVVID  also  address¬ 
es  performance  issues,  providing 
load  balancing  and  advanced  quality 


Learn  more  about  optical  networking: 


III! 
■  Ill 


Download  the  white  paper,  "Cisco  COMET:  Optical  Networking  Solutions  for 
the  Enterprise,"  from:  www.nwfusion.com/gocc/brwp2. 


of  service  (QoS) 
features.  The  net 
result  is  that  every 
application  -  be  it 
voice,  data  or  video 
-  gets  the  network 
performance  it 
requires. 

Now  a  customer's 
existing  Cisco 
enterprise  network¬ 
ing  solutions  can  tie 
in  to  an  optical 
infrastructure, 
while  maintaining 
all  the  security  and 
performance  moni¬ 
toring  features 
embodied  in  Cisco 
AVVID.  So  cus¬ 
tomers  not  only  get 
massive  amounts  of 
bandwidth,  they  get 
bandwidth  that  is 
application-aware. 

Cisco  COMET 
delivers  on  the  well- 
known  fault-detection  and  traffic  re¬ 
routing  capabilities  of  SONET,  but 
goes  a  step  further  by  providing  sup¬ 
port  for  the  emerging  Resilient  Packet 
Ring  (RPR)  standard,  which  is  based 
on  Dynamic  Packet  Transport  tech¬ 
nology  developed  by  Cisco.  Both 
SONET  and  RPR  networks  can  route 
around  failures  in  less  than  50  ms,  but 
RPR  offers  more  flexibility  and  a 
lower  entry  cost,  McGugan  says. 
Instead  of  installing  a  SONET  multi¬ 
plexer  at  each  location,  enterprises 


can  terminate  an  RPR  connection 
directly  into  their  Cisco  COMET 
devices  or  other  Cisco  equipment 
such  as  the  Catalyst  6500  and  Cisco 
7600  Series  router.  RPR  offers  anoth¬ 
er  advantage  in  that  it  doesn't  require 
users  to  reserve  extra  bandwidth  to 
be  employed  in  case  of  a  failure  of  the 
primary  path,  as  does  SONET. 

Cisco  COMET  devices  also  perform 
extensive  performance  monitoring, 
such  as  by  checking  bit  error  rates 
and  detecting  Cyclical  Redundancy 


Checking  (CRC)  errors  that  indicate 
signal  degradation.  That  enables  the 
devices  to  automatically  switch  traf¬ 
fic  to  a  backup  path  when  the  primary 
is  not  performing  properly. 

In  short,  enterprises  are  finding  that 
converging  their  voice,  video,  data 
and  storage  networks  over  a  single 
high-performance  optical  network 
can  not  only  provide  cost  savings  and 
simplified  network  management,  it 
can  be  an  important  part  of  their  busi¬ 
ness  resilience  strategy. 


A  Resilient  Enteprise  Built  on  DWDM 


The  Cisco  COMET  portfolio  includes  DWDM  solutions  that  enable  network  consolidation  over  a  single 
multiservice,  optical  infrastructure  that  offers  scalability,  flexibility  and  resiliency. 
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Introducing  the  next  breakthrough  in 
storage  management:  Automation. 


New  Softek"  Storage  Manager  does  more  than  automate  key  tasks  like  archiving, 
deleting,  reporting,  and  provisioning,  according  to  policies  you  set.  It’s  also  the  first 
product  that  lets  you  manage  your  entire  storage  infrastructure  via  one  interface- 
no  matter  how  many  systems,  platforms,  or  configurations  you’re  supporting.  Storage 
Manager  delivers  a  centralized,  simplified  storage  system,  allowing  you  to  realize  best- 
in-class  ROI  from  your  storage  assets.  Want  a  FREE  software 
trial?  Call  (800)  560-7804  or  go  to  our  Web  site. 
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o  FORECASTS  FUTURE  STORAGE  NEEDS 


FUJITSU 


o  SUPPORTS  HP -UX®,  SOLARIS  ", 

NT/2000*,  AIX  ,  OS/390  ,  AND  z/OS" 
OPERATING  SYSTEMS 


www.softek.fujitsu.com/automate/ 


Easing  the 

storage 

burden 


Storage,  with  its 
wildly  growing  vol- 
limes,  can  quickly 
^  overwhelm  even  the 

A  '  most  PreParecj  net' 

4  /jjj-  work  professional. 

An  overburdened 

storage  architecture  can  crush  pro¬ 
ductivity  and  efficiency  even  before 
you  realize  you've  got  a  problem. 

Easing  the  storage  burden  is  going 
to  take  unprecedented  industry  coop¬ 
eration.  But  we've  seen  promising 
signs.  One  worth  noting  is  the  team¬ 
ing  of  17  vendors  to  develop  the 
Bluefin  management  specification, 
and  the  Storage  Networking  Industry 
Association’s  (SNIA)  subsequent 
commitment  to  turn  that  spec  into  a 
full  management  standard. 

In  the  offing  is  an  interoperable 
management  interface  for  Fibre 
Channel,  network-attached  and 
direct-attached  storage  devices  — 
much  like  what  SNMP  provides  for 
enterprise  network  gear.  Storage 
managers  surely  would  benefit  from 
the  ability  to  manage  disparate  ven¬ 
dors'  storage  devices  from  the  same 
management  platform. 

So  be  sure  to  keep  vendors  honest 
in  their  support  of  Bluefin  (now  offi¬ 
cially  known  as  the  Storage  Man¬ 
agement  Interface  Specification)  or 
any  other  open  management  standard 
coming  out  of  the  SNIA.  Insist  they 
embrace  the  SNIA’s  work  and  that 
they  prove  themselves  by  participat¬ 
ing  in  interoperability  tests. 

After  all,  with  open  management 
comes  the  ability  to  mix  and  match 
products  to  suit  your  needs,  even  if 
that  product  isn't  from  your  primary 
storage  vendor.  And  that  will  surely 
help  keep  storage  issues  from  over¬ 
whelming  you. 

Beth  Schultz 
Editor,  Signature  Series 
bschultz@nww.com 
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Picnic  or  panic? 


The  ins  and  outs  of 

interconnects 

Understanding  how  to  build  a  SAN  means  knowing  your 
way  around  a  maze  of  new  protocols. 

Distributed  file  system 

on  tap 

Technology  that  pools  far-flung  storage  resources  could 
be  a  long-awaited  management  life  raft. 

Bluefin  on  the 

management  menu 

This  draft  specification  opens  storage  management 
and  makes  SANs  more  appetizing. 

Taking  the  tedious  out  of  storage 

management 

New-style  automated  hierarchical  storage  management 
products  add  more  smarts  to  managing  aging  data. 
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It  used  to  be,  if  you  wanted 
a  storage-area  network,  you 
turned  to  Fibre  Channel,  th 
high-speed  transport  tech¬ 
nology  that  moves  SCSI  traf¬ 
fic  from  servers  to  disk 
arrays  and  tape  drives. 

Now  you  have  to  sift 
through  a  veritable  alphabet 
soup  of  storage  intercon¬ 
nects  to  determine  which 
best  suits  your  SAN  needs. 
You  have  iSCSI,  Fibre 
Channel  over  IP  (FC1P)  and 
Internet  Fibre  Channel  Pro¬ 
tocol  (iFCP)  for  pushing  stor 
age  data  over  IP,  and  Infini¬ 
Band,  a  high-speed  I/O 
switching  fabric. 

“The  lines  are  blurring  be¬ 
tween  what  used  to  be  the 
separate  universes  of  stor 
age,  networking,  clustering 
and  I/O  technology,”  says 
Karl  Walker,  a  vice  president 
of  server  strategy  at  Hewlet 
Packard.  “All  of  that  stuff  is 


really  starting  to  come  together  in 
interesting  ways.” 

„ .  Interesting  is  one  way  to  put  it. 

Jl  <  Complex  is  another.  In  a  recent  sur- 

•  vey  of  96  network  professionals 

who  attended  Network  World’s  sum- 
rner  seminar  tour,  “Storage  Town 
w  Meeting:  Ensuring  Business  Con- 
v,  ►  tinuity,”  21%  said  they  could  see  an 
^  ^  immediate  need  for  new  storage 

(  j|  JP  interconnects  but  weren’t  sure 
what  was  available.  Another  49% 
j.  said  they  could  see  a  future  need 
but  needed  to  investigate  options 
(see  charts,  page  10). 

Users  should  start  their  research 
with  iSCSI,  FCIP  and  iFCP.  Storage 
,  vendors  concocted  these  intercon- 
,  ^||:  nect  protocols  in  response  to  short- 

m  comings  of  Fibre  Channel.  Fibre 
■  m Channel  networks  require  expen- 
I&uaM  sive  dedicated  fiber  lines  and  spe¬ 
ll  cialized  expertise  and  present  a  dis- 
™  tance  limitation  that  could  be  trou- 
blesome.  Fibre  Channel  deploy¬ 
ments  cap  off  at  about  10  km,  a  real 
,  l^oblem  when  trying  to  set  up  geo¬ 


graphically  distributed  storage  for 
disaster  recovery. 

Vendors  are  embracing  iSCSI, 

FCIP  and  iFCP  in  varying  degrees, 
but  haven’t  rallied  behind  one  pro¬ 
tocol  yet.  Some  are  hedging  their 
bets  with  storage  switches  and 
other  products  that  support  the 
incumbent  Fibre  Channel  and  IP- 
based  storage.  “The  industry  has 
invested  a  lot  of  money  in  building 
Fibre  Channel  SANs.  Fibre  Channel 
is  clearly  going  to  remain  the  domi¬ 
nant  force  for  the  next  half  decade,” 
says  Jamie  Gruener,  a  senior  ana¬ 
lyst  with  The  Yankee  Group. 

On  the  plus  side,  this  dual  sup¬ 
port  lets  users  get  a  feel  for  new  IP 
SANs  without  trashing  existing 
Fibre  Channel  SANs. 

ISCSI,  FCIP  and  iFCP  await  stan¬ 
dards  ratification,  as  does  Infini¬ 
Band.  Until  then,  most  enterprise 
users  are  watching,  but  not  deploy¬ 
ing,  the  protocols. 

“We’ll  continue  implementing  in 
our  existing  manner,  using  our 


If  You  Had  Just  Saved  $120,000 
Your  First  Month,  You'd  Be 
Smirking,  Too. 


When  BlueCross  BlueShield  of  Tennessee  set 
out  to  build  a  SAN,  they  were  looking  for  far 
more  than  just  a  vendor.  They  were  looking 
for  a  partner,  which  is  precisely  what  they 
found  in  McDATA.  What  we  uniquely  had 
to  offer  was  a  complete  solution  that 
encompassed  hardware,  software,  and  more 
importantly,  long-term  strategic  thinking. 

"It  goes  beyond  McDATA  having  the  finest 
SAN  hardware  and  software  products  on  the 
market;  what  was  key  was  the  partnership 
we  formed. " 

Bob  Venable 

Manager  of  Enterprise  Systems 

r*rl  IJjii«*(  Imss  BlueShieltl 
Vfy  of  Temn  ■ss<v 

The  results  we  ?  even  greater  than  imagined. 
Using  our  SANavigator  software,  BlueCross 
BlueShield  of  Tennessee  saved  an  astonishing 
5120,000  the  first  month  alone.  They  grew  their 
business  by  15%,  at  the  same  time  improving 
their  corporate  efficiency  by  30%.  And  now  the 
firm  is  able  to  manage  46  terabytes  of  data  and 
over  4,000  users  with  just  four  part-time 
administrators. 

Just  like  we  did  for  BlueCross  BlueShield  of 
Tennessee,  McDATA  could  help  you  save  a  lot  of 
green,  too.  So  give  us  a  call  or  visit  our  website. 

1.800.545.5773 

www.mcdata.com/nww 
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work  traffic,  and  security  iiave  been  big 
concerns.  And  iSCSI  hasn't  made  the  in¬ 
roads  expected  when  it  was  introduced 
by  Cisco  and  IliM  in  February  2000. 
Cisco  and  Nishan  Systems  are  anion# 
only  a  handful  of  vendors  offering  iSCSI 
switches.  Still  missing  are  iSCSI  storage 
arrays  from  vendors  such  as  F.MC  and 
I  II’.  IBM  put  a  damper  on  iSCSI  when  it 
halted  development  of  the  200i  iSCSI  tar¬ 
get  storage  appliance  it  introduced  in 


early  2001.  Users  wanted  more  power 


than  provided  by  this  “kick  the  tires 


version,  says  Clod  Barrera,  technical 


strategy  director  for  IBM  Storage 


Storage  interconnects  in  a  SAN 


This  diagram  of  a  hypothetical  SAN  shows  the  use  of  a  variety  of  storage  interconnects.  Additionally,  the  Fibre  Channel  over  IP  and 
Internet  Fibre  Channel  Protocol  specifications  would  allow  the  extension  of  this  SAN  over  distances  greater  than  10  km. 


Server  1  has  a  Fibre 
Channel  host  bus  adapter 
(HBA)  that  connects  to 
storage  through  a  Fibre 
Channel  fabric. 


Servers  2  and  3  have  host  channel  adapters,  and  connect  to 
each  other,  Fibre  Channel  and  iSCSI  storage  through  InfiniBand. 


Server  1 
HBA 


Server  2 
HCA 


Server  3 
HCA 


Server  1  connects 
directly  to  Fibre 
Channel  and  to 
SCSI  storage  via 
a  virtualization 
device  that 
converts  Fibre 
Channel  to  SCSI. 


k  M- 


4"  ■- . 

PCI  bus 
HBA  . 

TCA 

PCI  bus 
:  NIC 

SRP 

HBA  . 

i  HBA  . 

FC 

database 


Server  4  uses  an  Ethernet 
network  interface  card  (NIC) 
with  remote  direct  memory 
access  andTCP  offload  to 
connect  to  storage  over  iSCSI. 


InfiniBand  servers  talk 
with  iSCSI  when  a  target 
channel  adapter  (TCA) 
terminates  the  SCSI 
Remote  Protocol  (SRP) 
and  delivers  it  as  iSCSI. 


age  side,  I  don't  see  iSCSI  happening,  be- 
eause  the  performance  would  lie  loo 
poor,"  says  Arun  Taneja,  senior  analyst 
at  Enterprise  Storage  Group. 

Wireless  Retail,  a  sjieclality  provider  of 
wireless  services  and  products,  ran  into 
such  performance  problems  witli  its 
iSCSI  deployment.  Like  most  small  com¬ 
panies,  Wireless  Retail  had  been  using 
direct-attached  storage.  List  fall,  it  was 
ready  to  move  into  more  distributed, 
scalable  storage.  It  chose  iSCSI  to  avoid 
the  typically  big  investment  required  for 
Fibre  Channel. 

I  wanted  to  utilize  the  storage  for 

everything  that  it  was  worth, 
and  that  meant  getting  as 
many  servers  as  possible 
connected  and  doing  it  as 
economically  as  possible," 
says  George  Nathanson,  IT 
director  at  Wireless  Retail, 
in  Scottsdale,  Ariz. 

At  the  same  time, 
Nathanson  concedes  that 
performance  is  one  nag¬ 
ging  concern  of  iSCSI.  To 
address  this,  and  fail¬ 
over,  he  opted  for  Fibre 
Channel  to  connect  his 
SQL  databases,  which 
contain  some  of  the  more 
critical  data  in  his  stor¬ 
age  setup. 


Lacking  disk  arrays,  iSCSI  uses 
virtualization  devices  such  as  array 
controllers  to  translate  iSCSI  into  other 
protocols,  such  as  Fibre  Channel. 


Freeinq  Fibre 
Channel 


SOURCE  WAYNE  RICKARD,  siorage  consultant 


FC1P  and  iFCP  may  be 
tlie  answers  for  compa¬ 
nies  that  want  to  extend 
their  Fibre  Channel  stor¬ 
age  farther  than  10  kin. 
Each  uses  gateways  to 
encapsulate  Fibre  Channel 
commands  into  IP  packets. 

FCIP  moves  the  encapsulated  Fibre 
Channel  data  through  a  “dumb”  tunnel, 
essentially  creating  an  extended  routing 
system  of  Fibre  Channel  switches.  This 
protocol  is  best  used  in  point-to-point 
connections  between  SANs  because  it 
cannot  take  advantage  of  routing  or 
other  IP  management  features.  And  be¬ 
cause  FCIP  creates  a  single  fabric,  traffic 
flows  could  be  disrupted  should  a  stor¬ 
age  switch  go  down. 
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COMPLIMENTARY  SEMINAR 


NETWORK  STORAGE  UNIVERSITY  PRESENTS: 
IP  STORAGE:  EXTENDING  THE  ENTERPRISE 


Why  IP  Storage? 

How  will  it  affect  your  current  storage  landscape? 

What  do  terms  like  iSCSI,  SOIP,  FCIP,  iFCP  mean  within  your  world? 

Can  I  leverage  my  current  storage  infrastructure? 

Is  IP  Storage  hype  or  reality? 

Network  Storage  University  and  its  industry  leading  storage  partners  can  help  educate  you  on  the  new  and 
much  anticipated  technology  of  IP-based  storage.  New  protocols  such  as  iSCSI,  SOIP,  FCIP,  iFCP  promise  a 
host  of  benefits  to  network  storage  users.  Noted  author  and  consultant,  Jon  William  Toigo  will  lead  this 
seminar  with  an  informative  keynote  speech,  followed  by  presentations  from  the  industry’s  most  leading 
edge  vendors  within  this  space.  The  day  will  conclude  with  a  spirited  roundtable  discussion,  where  attendees 
will  be  encouraged  to  ask  the  tough  questions  of  the  experts  themselves. 


WHO  SHOULD  ATTEND? 


IT  professionals  who  are  responsible  for  ensuring  data  availability  and  for  implementing  an  enterprise  storage 
strategy.  Professionals  who  know  that  smart  technology  decisions  require  the  best  technology  partners. 


WHY  ATTEND  THIS  SEMINAR? 


Learn  more  about  the  latest  IP  storage  protocols  including  iSCSI,  SOIP,  FCIP,  iFCP,  all  of  which  promise  a 
host  of  benefits  to  network  storage  users.  “IP  Storage:  Extending  the  Enterprise”  is  brought  to  you  by  leading 
edge  vendors  who  are  on  the  forefront  of  this  new  frontier.  Cisco,  Network  Appliance,  QLogic  and  Quantum 
will  share  with  you  their  view  of  this  new  technology  and  how  the  use  of  IP  Storage  can  benefit  you  and  your 
company  as  well  as  contribute  to  your  company’s  bottom  line. 


WHERE  AND  WHEN: 


TWELVE-CITY  TOUR* 


Los  Angeles,  CA 
Phoenix,  AZ 
Denver,  CO 
Dallas,  TX 
Cleveland,  OH 
Boston,  MA 


August  21 
August  27 
September  5 
September  17 
September  19 
September  24 


New  York,  NY 
Washington,  DC 
Atlanta,  GA 
Miami,  FL 
Bellevue,  WA 
San  Jose,  CA 


September  26 
October  1 
October  3 
October  10 
October  22 
October  24 


•Locations  for  seminars  yet  to  be  determined. 


AD  ENODTIO,  AB  SCIENTIA 


Find  out  more  information  and  Register  Now: 
www.NetworkStorageU.com  or  call:  1-866-575-8232 


Faculty  Partners: 


NetworkAppliance* 


Quantum 


Cisco  Systems 


{lO' 

Simplify' 


invent 


CROSSROADS 


George 

Nathanson 

IT  director 

at  Wireless  Retail, 


affordable 

SAN. 


What  do  you  think  about  storage  interconnection 
technologies  like  iSCSI  and  Fibre  Channel  over  IP? 


Interconnection  confusion 

In  a  recent  survey  of  network  professionals  attending  Network 
World's  summer  seminar  tour  "Storage  Town  Meeting:  Ensuring 
Business  Continuity,"  here’s  how  respondents  answered  these 
questions: 


96  respondents 

Want  them,  but  would 
~  wait  for  them  to 
s>^.  mature  before 
adopting 

ft - 16% 

H;  Would  need 
in  the 
future; 
researching 
options 

” — -  49% 


96  respondents  used  1-6  scale,  with 
1  being"never  heard  of  it"  and 
6  being  “implemented." 


Have  an  immediate 
need,  but  not  sure 
what's  available 


Fibre  Channel  SANs 


Fibre  Channel  over  IP 
■■■■■■■  2.59 


Would  like  to 
be  a  first 
adopter 

10%  — 

No  answer 


InfiniBand 


Storage:  Picnic  or  panic? 
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IFCP,  on  the*  other  hand,  lets  users 
maintain  the  Fibre  Channel  architecture 
while  gaining  the  benefits  of  IF  networks, 
IFCP  wraps  Fibre  Channel  data  in  II’ 
packets  but  maps  IP  addresses  to  indi¬ 
vidual  Fibre  Channel  devic  es.  That  pro¬ 
vides  more  stability  than  a  tun- 
neled  FCIP  deployment,  some  d|i 
vendors  say.  JS&Sgmr, 

When  iFCP  creates  the  IP 
packets,  it  inserts  informal  imijjg 
that  is  readable  by  network 
devices  and  routable  within 
the  IP  network.  "IFCP  gives 
you  visibility  into  the  talking  fj 
pairs  between  servers  and 
storage  and  gives  you  a  way 
to  monitor  discrete  conversa- 
tions  between  storage  initia  i 
tors  and  targets,"  says  'loin  ® 

Clark,  director  of  technical  jSP® 
marketing  at  Nishan,  which 
supports  iFCP,  FCIP  and  iSCSI  ■ 
in  its  storage  products. 

Because  the  pac  kets  contain  « 

IP  addresses,  customers  can 
use  IP  network  management  tools  such 
as  HP’s  OpenView  to  manage  the  flow  of 
Fibre  Channel  data  using  iFCP. 

Marketing,  travel  and  hospitality  con¬ 
glomerate  Carlson  Companies,  in 
Minneapolis,  opted  to  use  iFCP  to  ex¬ 
tend  the  reach  of  its  Fibre  Channel 
direct-attached  storage.  It  plans  to 
eventually  link  the  IP  SAN  to  thou¬ 
sands  of  remote  offices  in  more  than 
140  countries,  it  uses  Nishan  multipro¬ 
tocol  switches  to  convert  data  be¬ 
tween  Fibre  Channel  and  IP.  IFCP 
routes  the  Fibre  Channel  commands 
across  the  company’s  Fthernet  LAN. 

Gary  Johnson,  architectural  consultant 
for  Carlson  Shared  Services,  says  iFCP 
will  let  Carlson  quickly  extend  its  SAN 


globally  because  it  uses  native  IP  man¬ 
agement.  He  says  companies  should  lx 
aware  that  latency  could  he  an  issue 
once  storage  traffic  moves  outside  a 
dedicated  link. 

"As  long  as  you  engineer  and  design 


storage  application,  rather 
than  a  messaging  application, 
it’s  going  to  work  just  fine  for 
you,”  he  says.  “As  soon  as 
we  leave  [our  dedicated 
storage]  network  to  go  to  a 
remote  location,  we  cer¬ 
tainly  expect  that  we’ll  he 
using  [quality  of  service]  to 
manage  that.” 

The  biggest  downside  with 
Fibre  Channel-based  IP  de¬ 
ployments  is  that  they  still 
require  the  expensive  Fibre 
Channel  back  end.  Vendors 
such  as  CNT,  EMC,  Pirus, 
SANcastle  and  SAN  Valley 


Think  of  the  new  Guardian™  4400  server 
as  your  trusty  Snap  Server?.. on  steroids. 

■ 

Drive  down  the  cost  of  workgroup  storage 
in  your  enterprise.  1U/640GB  for  $5,495! 


Guardian  NAS  Server  Family 


Guardian  4400  Server 


Once  again,  Quantum  raises  the  bar  for  Network  Attached  Storage.  Introducing 
the  Quantum  Guardian  4400  server.. .the  latest  addition  to  the  Guardian  line  of 
enterprise  servers.  The  Guardian  4400  server  offers  value,  performance  and  a 
feature  set  unmatched  by  any  other  1U  workgroup  server.  You'll  get  higher  data 
availability  with  hot-swappable  disk  drives  and  dual  Gigabit  Ethernet  connectivity. 
Your  costs  will  be  lower  thanks  to  capabilities  like  Snapshots,  local  tape  backup  via 
SCSI  port1  and  Backup  Express  for  Guardian  software  and  fast,  easy  deployment  into 
your  mixed  Windows,  Linux,  UNIX  and  Macintosh  environment.  See  for  yourself  how 
it  blows  the  competition  away  at  auantum.com/new4400. 


Guardian  14000  Server 

Quantum. 


r 

GUARDIAN  NAS  SERVER  FAMILY 

GUARDIAN  1  4000 

1 

GUARDIAN  4400 

•  Support  for  Windows,  UNIX,  Linux  and  Macintosh 

8  1.44TB  Native  Capacity 

8  640GB  and  480GB 

Environments  •  Journaling  File  System 

8  Twelve  Front-Loading,  Hot- 

Native  Capacity 

Security/Management  •  Microsoft  ADS  •  UNIX  NIS  •  SNMP 

Swappable  Disk  Drives 

8  Four  Front-Loading, 

•  SSL  •  SSH  •  Kerberos  Authentication  •  Quotas  for 
Users/Groups  •  File  and  Folder  Security  for  Users/Groups 

8  Redundant  (N+1) 
Hot-Swappable 

Hot-Swappable  Disk 

Drives 

Availability  •  Hot-Swappable  Disk  Drives  •  Dual  Gigabit 

Power  Supplies 

8  Maximum  Density  in  a 

Ethernet  8  RAID  0,1,5,5+Hot  Spare 

8  Redundant  (N+1) 

1 U  Form  Factor 

Data  Protection  •  Snapshot  Technology  8  Backup  Agent 

Hot-Swappable  Cooling  Fans 

8  Three-Year  Rapid 

Support  8  Server- to- Server  Synchronization  Utility 

8  Local  Tape  Backup  Support  8  APC  Smart-UPS  Support 

8  LCD  Management  Console 

Exchange  Warranty 

8  PowerQuest  DataKeeper  (for  Windows  Client  Backup) 

8  Standard  On-Site  Support 

J 

1 .888.343.7627  quantum.  com/new4400 
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Distributed  file  system 


on  tap 

Technology  that  pools  far-flung  storage  resources  I 
could  be  a  long-awaited  management  life  raft.  ™ 


BY  MARY  RYAN-CARCIA 


PHOTO:  DANA  EOMU 


*»— « 

Brian  Chee,  an  IT  director  at  University  of 
Hawaii,  finds  an  ocean  of  storage  management 
opportunities  with  distributed  file  systems. 


With  corporate  storage  pools  springing  up  all  over,  one  of  the 
most  tantalizing  new  management  ideas  is  the  distributed  file 
system.  A  DFS  manages  multiple,  geographically  dispersed 
storage  devices,  including  Fibre  Channel  and  network-attached 
storage  servers.  A  variety  of  start-ups  and  traditional  vendors 
are  developing  products,  pitching  IT  managers  on  the  ability  to 
scale  storage  capacity  and  performance  at  will. 


If  you  run  out  of  capacity  in  a  tradi¬ 
tional  direct-attached  storage  environ¬ 
ment,  you  have  to  bring  the  server 
down  and  add  more,  Taneja  says.  If  you 
run  out  of  compute  power,  you  either 
buy  a  larger  server  or  add  another  one 
and  split  your  application  and  data. 
“Either  way,  you  have  to  bring  your  sys¬ 
tems  down,”  he  says.  “What  a  pain  from 
a  user  [perspective]  and  from  a  storage 
management  perspective.” 

Although  DFS  players  take  slightly  dif¬ 
ferent  approaches  in  their  products, 
each  presents  one  file  system  image  to 
the  application  server  or  client  seeking 
file  services,  Taneja  says.  Instead  of 
being  serviced  via  Network  File  System 
from  three  NAS  servers  today  —  and 
thus  having  at  least  three  file  systems 
mounted  to  your  NFS  client  software  — 
you  would  only  have  one  mount  point 
to  the  DFS.  “This  alone  would  make 
your  IT  administrator’s  life  significantly 
easier,”  he  notes. 

For  DFS  to  interplay  effectively  with 
the  various  file  systems  that  come  with 
NAS  devices  (NFS  for  Unix  boxes  and 
Common  Information  File  System  [CIFS] 


for  Microsoft  servers),  vendors  t 
■  " -  '  *1LIJI 


For  example,  start-up  Zambeel  offers 
Aztera,  a  distributed  NAS  file  system 
that  will  let  users  consolidate  multiple 
users,  departments  or  projects  within 
a  secure  storage  infrastructure.  And 
Acirro,  another  start-up,  offers 
Acumula,  software  that  lets  users  com 
bine  data  across  storage  devices,  net¬ 
works  and  formats. 

Other  DFSs  for  storage  contenders 
include  lVision,  Advanced  Digital 
Information  Corp.  (ADIC),  DataCore 
Software,  Scale  Eight,  Z-Force,  and  tra¬ 
ditional  vendors  such  as  IBM  Tivoli, 
LSI  Logic,  Silicon  Graphics,  Sun  and 
Veritas  Software. 

It  seems  such  product  development 
comes  none  too  soon.  Users  have 


been  waiting  for  DFS  for  the  last  five  or 
more  years,  chiefly  on  the  promise  of 
unlimited  scalability  and  more  balanced 
storage  workloads,  says  Arun  Taneja,  a 
senior  analyst  with  the  Enterprise 
Storage  Group.  “Managing  different  com¬ 
puters,  each  with  its  own  file  system 
instance,  and  its  own  storage  is  a  lot 
harder  than  if  there  was  a  solid,  inter¬ 
locking  file  system  that  ran  on  the  clus¬ 
ter.  This  is  particularly  true  for  a  single 
application,  such  as  e-mail,”  he  says. 
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rnrriML-x  .  Avoiding  Costs  from  Oversizing 
rn tt  White  paper!  Data  Center  Infrastructure 

Just  mail  or  fa*  this  completed  coupon  or  contact  APC  for  your  FREE  white  paper  Avoiding  Costs  from  Oversizing 
Data  Center  Infrastructure  Better  yet,  order  it  today  at  the  APC  Web  site!  You  will  also  receive  a  free 
PowerStruXure'  CD:  "Presenting  PowerStruXure". 


□  YES!  Please  send  me  my  FREE  white  paper  -  and  the  FREE  PowerStruXure” 

CD:  "Presenting  PowerStruXure"! 

□  NO,  I'm  not  interested  at  this  time,  but  please  add  me  to  your  mailing  list. 
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What  type  of  availability  solution  do  you  need? 
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Had  enough  of  planning  and  installation 
headaches  in  your  data  center  or  server  room? 


ure 


PowerStru 


Scalable  data  center  architecture 
for  infrastructure  on  demand" 


New  APC  PowerStruXure™  can  cut  your  buildout  time  by 
weeks  and  your  data  center  infrastructure  OPEX  by  up  to  20°/o* 


From  1.5kW  to  5MW,  APC  PowerStruXure  architecture  provides  a  patent-pend¬ 
ing,  systematic  approach  to  building  data  center  infrastructure  utilizing  stan¬ 
dardized,  pre-assembled  components. 

PowerStruXure  is  vendor-neutral,  highly  compatible  with  all  major  server  and  inter¬ 
networking  solution  manufacturers  including  Compaq,  Dell,  IBM,  HP,  Sun,  Cisco, 
Lucent,  Nortel  and  more. 

Read  why  the  experts  say  legacy  UPS  systems 
just  can't  compare  to  new  APC  PowerStruXure  ™: 


See  how  PowerStruXure  can  be 
deployed  in  a  matter  of  hours!  Visit 
the  URL  below. 


'PowerStruXure  systems  are  pre-engineered, 
pre-tested,  and  mostly  pre-assembled,  dra¬ 
matically  shortening  the  build  time  needed 


'Instead  of  going  to  different  vendors  for  hous¬ 
ings,  power  cabling,  and  cable  troughs  and 
ladders,  you  now  build  your  entire  power 


fiiyeriaMit  Computer  News  Best 

New  Technology 

Awards  at  FOSE 
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for  creating  a  data  center  to  a  few  days. 

Boardwatch  (ISPworld.com) 

June  2002 


infrastructure  from  their  PowerStruXure  kit. 

Communications  Convergence 

May  2002 


* Representative  savings  based  on  projected  power  infra¬ 
structure  buildout  costs  and  estimated  service  cost  per 
unit.  Actual  savings  may  vary. 
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White  Paper:  "Avoiding  Costs  from  Oversizing  Data  Center  Infrastructure", 

You'll  also  receive  the  FREE  PowerStruXure  ”  CD:  "Presenting  PowerStruXure"! 


Visit  httpy/promo.apc£om  Key  Code  g463y  •  Call  888-289-APCC  x2419  •  Fax  401-788-2797 
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FAILURE  is  MOT 


the  technology  in  myriad  ways  for  maximum  storage  performance, 
says  Mike  Kahn,  chairman  of  The  Clipper  Group,  a  technology  acqui¬ 
sition  consultant.  “In  one  instance,  a  singular  file  system  takes  over 
for  many  servers.  In  others,  a  metafile  server  ‘floats’  overhead,”  he 
says.  “Others  use  an  installable  file  system  or  stub  to  replace  the 
operating  system’s  native  file  system.” 

Whatever  the  technique,  many  users  find  promise  in  the  idea  of 
centralizing  storage  resources  in  a  single  pool.  In  a  recent  survey  of 
96  network  professionals  attending  Network  World's  summer  semi- 

“Instead  of  forcing  the  students 
to  wait  for  a  long  download  .  .  . 
DFS  provides  a  way  for  faculty 
to  drop  their  material  onto 
locally  mounted  devices.” 

—  Brian  Chee,  IT  director  at  University  of  Hawaii 


SDLT  320: 


THE  ULTIMATE 
BACKUP 
MACHINE. 


nar  tour  “Storage  Town  Meeting:  Ensuring  Business  Continuity,” 
two-thirds  of  respondents  said  they  do  not  yet  have  geographically 
dispersed  NAS  and  storage-area  network  (SAN)  environments.  But 
of  those  who  do,  the  desire  to  manage  them  as  a  single  storage  pool 
was  nearly  unanimous  (see  graphic,  page  16). 
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32  MB/s  -  Up  to  33%  faster!* 


DFS  education 

Such  is  the  case  at  University  of  Hawaii  (UH),  in  Honolulu,  which 
has  been  using  Acirro’s  Acumula  DFS  software  in  a  pilot  program 
launched  in  April.  The  pilot  enables  sharing  of  educational  materials 
among  10  UH  campuses,  across  four  islands,  letting  students  partici¬ 
pate  in  classes  regardless  of  their  physical  location,  says  Brian  Chee, 
a  systems  programmer  and  associate  director  in  the  university’s 
Advanced  Network  Computing  Laboratory.  The  program  also  en¬ 
ables  information  sharing  among  UH  and  Hawaii’s  K-12  schools. 

The  Acumula  smart  replication  and  storage  management  software 
is  based  on  Acirro’s  Global  Distributed  File  System  technology.  The 
software  lets  users  combine  data  across  storage  devices,  networks 
and  formats.  They  can  aggregate  diverse  NAS  and  SAN  devices 
regardless  of  physical  locale,  and  get  one  view  of  storage  files. 

“Server  aggregation  seems  to  be  a  pretty  good  driving  force,” 

Chee  says,  pointing  out  that  his  department  has  collected  a  variety 
of  stand-alone  servers,  ranging  from  Windows  2000  running  Micro¬ 
soft’s  C1FS,  Unix  boxes  running  NFS  and  “dumb”  NAS  boxes. 

“Going  to  a  system  that  will  present  all  of  our  data  on  a  single 
login  is  a  good  thing,”  he  says.  “This  type  of  system  also  allows 
me  to  further  hide  the  NFS  boxes  behind  firewalls  and  get  quite  a 
bit  more  aggressive  on  firewall  rules.” 

UH  hasn't  yet  decided  to  roll  out  DFS  beyond  the  pilot  program, 
but  has  seen  operational  improvements.  For  example,  Chee  says 
the  DFS  has  reduced  the  amount  of  human  intervention  tradition¬ 
ally  necessary  to  synchronize  local  Web  and  FTP  storage  of 
classroom  support  materials. 

“Some  materials,  such  as  video  [and]  compiled  Java  libraries,  can 
become  quite  large,”  he  says.  “Instead  of  forcing  the  students  to 
wait  for  a  long  download  over  the  WAN  link  between  campuses,  DFS 
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provides  a  way  for  faculty  to  drop  their 
material  onto  locally  mounted  devices. 
They  can  expect  the  material  to  show 
up  on  outer-island  campuses  without 
human  intervention,”  he  explains. 
Chee  adds  that  DFS  for  storage 
A  — works  well  with  the  file  sys- 
f  terns  that  come  with 


NAS  devices, 

/ 

into  DFS 


neous  clients  share  files  across  high¬ 
speed  storage  network  connections. 
ADIC  says  with  CentraVision,  users  can 
share  storage  resources  among  Linux, 
Windows  and  Unix  servers  so  all  stor¬ 
age  looks  native  to  all  hosts.  The  file 
system  “owns”  the  storage  and  re¬ 
places  individually  managed  volumes 
and  NAS  devices.  For  example,  data  on 


A  variety  of  vendors  are  developing  distributed  file  systems  for  storage. 
Here  is  a  sampling: 


Vendor 

Product 

Description 

Acirro 

Acumula 

Global  DFS,  with  embedded  NAS  aggregation, 
automated  capacity  management  and  smart 
replication. 

DataCore 

Software 

SANsymphony 

Open  storage  management  for  homogeneous  and 
heterogeneous  IT  environments. 

LSI  Logic 

TotalNET  Advanced 
Server  7.0 

Converged  NAS  and  SAN  infrastructure  enables 
seamless  access  to  block-  orfile-oriented  information. 

Scale  Eight 

Distributed  Storage 
Software 

Storage  platform  for  creating  scalable,  single-image 
NAS  pools. 

Zambeel 

Aztera 

Enterprise-class  NAS  product  with  scaling  and 
resource  provisioning. 

including  NFS  for  Unix  boxes  or  CIFS 
for  Microsoft  servers.  “The  promise  is 
tremendous,”  he  says.  “1  will  eventually 
have  a  mix  of  both  Active  Directory 
and  NFS/N1S  authentication.  This  sys¬ 
tem  will  allow  me  to  front-end  both  envi¬ 
ronments  and  allow  me  to  integrate 
both  together  for  the  first  time.  It  is 
going  to  make  it  possible  to  consolidate 
servers  logically  so  that  my  less-sophis¬ 
ticated  users  can  stay  in  their  native 
environment  instead  of  having  to  eat  the 
learning  curve  for  something  new.” 

Other  DFS  tools  also  are  geared 
toward  heterogeneous  environments. 
ADIC’s  CentraVision  2.0  software,  for 
example,  is  intended  to  let  heteroge- 


a  Fibre  Channel  disk,  is  shared  through 
servers  to  many  hosts  without  sepa¬ 
rate  controllers. 

But  Clipper  Group’s  Kahn  cautions 
enterprise  users  to  take  care  when 
deploying  DFS  in  multivendor,  multiplat¬ 
form  environments.  “DFS  products  tend 
to  work  best  in  homogeneous  environ¬ 
ments;  for  heterogeneous  environ¬ 
ments,  they  tend  to  be  immature  and 
not  high-performing,”  Kahn  notes. 

The  politics  of  DFS 

Network  professionals  who  want  to 
try  DFS  storage  software  must  navigate 
more  than  the  waters  of  new  technol¬ 
ogy.  DFS,  because  it  layers  a  file  system 


over  NAS  and  SAN  devices,  can  stir  up 
choppy  intercompany  political  waves 
over  ownership. 

UH's  Chee  can  see  the  potential  diffi¬ 
culty.  “At  this  moment,  management  of 
my  lab  servers  [Active  Directory]  and 
my  Unix  machines  [Lightweight  Direc¬ 
tory  Access  Protocol]  is  not  run  by  the 
same  person,”  he  says.  “While  such  a 
move  is  possible  —  integrating  two  rel¬ 
atively  independent  groups  will  be  a 
challenge.” 

Even  so,  Chee  is  eager  to  tap  into  the 
DFS  storage  pool.  He  predicts  that 
even  if  there’s  a  DFS  collision  of  sorts 
between  his  more  “backroom”  Active 
Directory  folks  and  the  Unix  folks  who 
like  to  mix  more  with  the  UH  faculty, 
everyone  will  eventually  learn  to  swim 
without  drowning.  “1  can  still  see  such 
integration  as  being  possible  and  good 
for  the  department  in  the  long  run,” 
he  says. 

Ryan-Garcia  is  a  freelance  journalist 
in  Coram,  N.  Y.,  specializing  in  the  storage 
industry.  She  can  be  reached  at 
freshcontent.com. 
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DFS  in  demand 

In  a  recent  survey  of  network  professionals  attending  Network 
World's  summer  seminar  tour  "Storage  Town  Meeting:  Ensuring 
Business  Continuity,"  here's  how  respondents  answered  these 
questions: 


Do  you  have  geographically  dispersed  NASs  or  SANs?  Would  you  like  to  manage  these  as  a  single  storage  pool? 


96  respondents 


Yes 

38% 


Storage:  Picnic  or  panic?  0 
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36  respondents 


No  No 

60%  6% 


No  answer  Yes 

2%  94% 
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Bluefin 

on  the  management  menu 


This  draft  specification 
opens  storage  man¬ 
agement  and  makes 
SANs  more  appetizing 

■  BY  DENISE  DUBIE 


Rick  Bauer  knew  he  needed  the  power  and  speed  of  a  storage-area 
network  to  back  up  the  3  terabytes  of  content  a  new  online  learning 
environment  would  require,  but  he  had  a  few  reservations  about  com¬ 
mitting  education  dollars  to  a  SAN. 


“I  wanted  to  make  sure  we  weren’t 
investing  in  something  that,  down  the 
road,  would  make  us  an  island,”  says 
Bauer,  who  is  CIO  at  The  Hill  School,  a 
private  high  school  in  Pottstown,  Pa. 

Until  recently,  The  Hill  School  mostly 
used  network-attached  storage  devices 
And  although  Bauer  says  the  idea  of  a 
high-speed  SAN  interconnect¬ 
ing  disparate  data  storage 
devices  appealed  to  him,  ven¬ 
dor-specific  management  tools 
weren’t  in  the  budget. 

“We  didn’t  really  have  an 
incremental  growth  path  for 
storage  or  the  financial  justifi¬ 
cation  for  a  SAN,”  Bauer  says. 

But  recent  developments 
changed  Bauer’s  mind. 

Encouraged  in  large  part  by 
the  Storage  Network  Industry 
Association’s  (SNIA)  work  on  a 
multivendor  management 
specification,  next  week  Bauer 
is  rolling  out  a  SAN  at  The  Hill 
School.  He  will  manage  the 
SAN  via  Hewlett-Packard’s 
Open  View  network  manage¬ 
ment  software. 

Because  he  sits  on  the  SNIA 
Customer  Executive  Council, 

Bauer  got  a  sneak  peek  this 
summer  at  the  draft  specifi¬ 
cation,  dubbed  Bluefin.  “This 
wasn’t  slideware.  These  were 
things  being  hammered  out,” 


he  says.  “Bluefin  is  about  real  interop¬ 
erability.  It’s  more  than  something 
bolted  on  something  for  marketing.” 

Biting  into  Bluefin 

Bluefin  provides  a  method  for  manag¬ 
ing,  configuring  and  securing  distrib¬ 
uted,  multivendor  storage  resources  in 
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Rick  Bauer,  CIO  of  The  Hill  School,  highly  antici¬ 
pates  digging  into  Bluefin-compliant  SANs. 


e 


a  SAN  via  a  common  messaging  inter¬ 
face.  Vendors  supporting  Bluefin  would 
open  their  APIs  so  storage  managers 
could  tap  into  management  data  from 
any  compliant  storage  resource. 

Ultimately,  open  management  will  let 
customers  pick  and  choose  products 
from  multiple  vendors  for  their  SANs, 
proponents  say. 

While  efforts  to  develop  a  common 
management  interface  for  storage  began 
in  1999,  only  in  May  did  that  group  of  17 
storage  vendors  —  called  the  Partner 
Development  Process  (PDP)  —  hand 
their  draft  specification  over  to 
SNIA  for  finalization. 

In  August,  the  SNIA  formally 
accepted  Bluefin,  renamed  it  the 
Storage  Management  Interface 
Specification  and  created  the 
Storage  Management  Initiative 
to  spearhead  ongoing  develop¬ 
ment.  SNIA  aims  to  turn  Bluefin 
—  as  it  continues  to  be  infor¬ 
mally  called  —  into  a  fully 
accredited  standard. 

The  SNIA  plans  to  demonstrate 
Bluefin-compliant  products  at  the 
Storage  Networking  World  con¬ 
ference  in  October.  Product  are 
expected  to  start  shipping  in 
early  2003. 

That’s  good  news  for  many 
enterprise  users.  In  a  recent  sur¬ 
vey  of  96  network  professionals 
attending  Network  World’s  sum¬ 
mer  seminar  tour  “Storage  Town 
Meeting:  Ensuring  Business 
Continuity,”  68%  said  they’d  like 
to  see  their  storage  vendors  com¬ 
ply  with  Bluefin.  And  22%  said 
they  would  insist  on  it. 
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“The  real  dream  of  SANs  for  end  users 
is  that  a  set  of  vendors  could  walk  in 
and  plug  SAN  management  into  their 
data  center,  wire  together  all  the  com¬ 
puting  and  storage  resources,  and  start 
the  practice  of  sharing  those  resources,” 
says  Roger  Reich,  PDP  chair  and  a  sen¬ 
ior  technical  director.  “The  storage 
industry  has  finally  figured  it  out.  If  we 
don’t  work  together,  customers  are  not 
going  to  buy  SANs.” 

Tough  to  chew 

Bluefin  is  built  on  the  Distributed 
Management  Task  Force’s  Web-based 
Enterprise  Management  initiative,  which 
includes  the  Common  Information 
Model  for  managing  network  infrastruc¬ 
tures,  along  with  a  data  model,  a  trans¬ 
port  mechanism  that  uses  HTTP  and 
encoding  that  uses  XML.  By  tying  these 
tools  together,  Bluefin  would  help  stor¬ 
age  administrators  collect  and  view  data 
from  different  vendors’  storage  re¬ 
sources  in  the  same  format,  and  ideally, 
would  let  storage  managers  manipulate 
SANs  from  a  centralized  location. 

Bluefin,  installed  as  agent  software  or 
software  on  a  proxy  server,  would  let 
management  software  retrieve  data  and 
take  the  necessary  action  to  reallocate 
resources  or  lock  down  a  device  when 
multiple  applications  are  trying  to  ac¬ 
cess  the  device  (see  story,  right).  For 
example,  Bluefin  agent  software  in  a 
host  bus  adapter  would  enable  a  stor¬ 
age  application  to  discover,  manage  and 
control  the  adapter’s  resources  and 
apply  them  where  needed  throughout 
the  SAN. 

While  Bluefin  looks  good  on  paper, 
some  industry  watchers  aren’t  sure  how 
it  will  work  in  practice.  They  wonder 
how  far  vendors  will  go  to  interoperate 
and  are  worried  that  some  vendors  will 


tack  extensions  onto  the  specification 
that  would  let  them  better  manage  and 
differentiate  their  storage  products. 
Doing  so  would  obviously  make  multi¬ 
vendor  management  more  difficult,  and 
the  idea  of  a  common  management 
interface  is  still  elusive. 

Others  are  worried  that  Bluefin  will 
not  provide  adequate  management 
capabilities.  That’s  the  concern  of  Chris 
Bartram,  senior  HPe3000  systems 
administrator  and  a  consultant  for  the 
U.S.  Mint  in  Washington,  D.C.  While  not 
familiar  with  Bluefin,  Bartram  says  he’s 
worried  a  “common  denominator”  pro¬ 
vided  by  standards-based  tools  would 
“dumb  down”  management  interfaces. 

“I’d  be  worried  that  we’d  lose  access 
to  some  of  the  differentiating  factors 
that  caused  us  to  choose  one  vendor’s 
product  over  another’s  in  the  first 
place,”  Bartram  says.  But  he  adds  that 
he  would  be  interested  in  seeing  net¬ 
work  management  companies  such  as 
HP  and  IBM  Tivoli  adopt  Bluefin  if  it 
does  become  a  standard.  Then  SAN 
management  simply  could  become  an 
add-on  module,  he  says. 

Other  industry  watchers  think  Bluefin 
stops  short  in  supporting  only  SANs. 
“The  industry  has  to  recognize  that 
storage  is  storage  no  matter  what  the 
line  protocol  looks  like,”  says  Bob 
Zimmerman,  a  vice  president  at  Giga 
Information  Group.  He  says  the  type  of 
network  —  Fibre  Channel,  Ethernet, 
TCP/IP  —  shouldn’t  matter  to  a  com¬ 
mon  storage  management  interface.  But 
Bluefin  could  eventually  be  extended  to 
support  network-  or  server-attached 
storage  devices,  Reich  contends. 

Yet,  Zimmerman  says  he’s  excited  by 
Bluefin’s  potential  to  give  users  broader 
access  to  their  storage  resources,  to 
give  them  more  flexibility  in  purchasing 


The  Bluefin  base 

The  proposed  Bluefin  specifica¬ 
tion  has  a  strong  base  in 
Distributed  Management  Task 
Force  and  Internet  Engineering  Task 
Force  developments. 

Bluefin: 

•  is  built  on  the  DMTF's  Web- 
based  Enterprise  Management  ini¬ 
tiative,  which  includes  the  Common 
Information  Model  for  managing 
network  infrastructures,  along  with 
a  data  model,  a  transport  mecha¬ 
nism  that  uses  HTTP  and  encoding 
that  uses  XML. 

•  uses  the  open  management  capa¬ 
bilities  found  in  the  lETF’s  longstand¬ 
ing  and  much  used  SNMP,  but  aims 
to  go  beyond  passive  monitoring  to 
actual  control, 

•  includes  the  lETF's  HTTP  digest 
access  authentication  and  transport 
layer  security  protocol. 

•  supports  the  IETF  service  loca¬ 
tion  protocol  for  discovery  and  con¬ 
figuration  of  network  devices  and 
capabilities. 

—  Denise  Dubie 

Get  more  information  on 
Bluefin’s  standards  base. 
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product,  to  reduce  their  management 
costs  and  to  help  them  more  efficiently 
use  their  storage  capacity. 

The  Hill  School’s  Bauer  is  hooked  on 
those  promises. 

“I  look  on  with  anticipation,  and  I’m 
probably  not  going  to  be  the  first  cus¬ 
tomer,”  Bauer  says.  “Yet  I  was  amazed  at 
the  specifics  Bluefin  seemed  to  address. 
Maybe  the  talk  and  hyperbole  of  two 
years  ago  has  given  way  to  reality.”  ■ 


Bluefin  believers 

In  a  recent  survey  of  network  professionals  attending  Network 
World's  summer  seminar  tour  "Storage  Town  Meeting:  Ensuring 
Business  Continuity,"  here's  how  respondents  answered  these 
questions: 


Storage:  Picnic  or  panic? 
£ 


If  Bluefin  becomes  a  standard,  how  would  it  impact  your  Would  you  like  to  see  Bluefin  extended  for  NAS,  DAS  and 
storage  buying  decisions?  other  storage? 


96  respondents 


00 


Insist  on 
compliance 

22% 


Prefer 

compliance 

46% 


No  answer 

10% 


No  impact 

22% 


Yes 

77% 


No 

—  7% 

No  answer 

— 16% 
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New-style  automated  hierarchical  storage  management 
products  add  more  smarts  to  managing  aging  data. 

■  BY  DENI  CONNOR 


What  once  was  old  is  new  again  with  policy-based  storage  man¬ 
agement  software.  It  could  change  the  way  companies  think  about 
how  they  store,  archive,  back  up  and  recover  corporate  data. 


This  new  breed  of  storage  software  takes 
the  concepts  introduced  with  traditional 
hierarchical  storage  management  (HSM) 
tools  and  extends  them.  Not  only  will  this 
software  increase  the  utilization  of  storage, 
reduce  back-up  and  recovery  times  and  ar¬ 
chive  data,  but  it  also  will  manage  the  hier¬ 
archy  of  data  from  its  creation. 

With  this  automated  storage  manage¬ 
ment  software,  IT  managers  will  no  longer 
need  to  devote  hours  —  if  not  days  —  to 
moving  aging  data  from  expensive,  enter¬ 
prise  storage  arrays  to  less-expensive,  near¬ 
line  tape  or  offline,  archival  media.They 
won’t  have  to  write  scripts  to  identify  what 
data  needs  moving,  or  groom  disks  con¬ 
stantly  to  eliminate  files  that  are  no  longer 
required  by  law  or  company  policy.  And 
gone  will  be  the  days  spent  culling  data 
from  disks  because  drives  have  reached 
their  capacity  or  redistributing  data  to 
other  disks  to  achieve  maximum  use. 

That’s  not  all.  Automated  storage  manage¬ 
ment  software  extends  the  reach  of  tradi¬ 
tional  HSM  tools  by  looking  at  data  in  use 
and,  following  set  policies,  making  deci¬ 


sions  on  how  applications  or  business 
processes  are  tied  to  the  data. 

Such  tools  will  become  increasingly  desir¬ 
able  as  users  struggle  to  cope  with  un¬ 
wieldy  —  and  costly  —  data  stores,  says 
Jamie  Gruener,  senior  analyst  with  The  Yan¬ 
kee  Group. The  Yankee  Group  estimates  the 
market  for  automating  the  provisioning  of 
storage  for  apps  at  $500  million  by  2005. 

“The  fact  that  storage  is  such  a  growing 
part  of  the  IT  budget  will  force  customers 
to  find  ways  to  track  storage  automatically 
[starting]  at  the  application  and  business 
level,”  Gruener  says.“Once  a  customer 
knows  the  storage  requirements  each  spe¬ 
cific  application  needs,  rolling  out  applica¬ 
tions  can  become  an  automated  task,  sav¬ 
ing  precious  personnel  time  spent  on 
doing  this  function  manually’ 

Automation  by  application  works  in  pro¬ 
visioning,  resource  management,  back  up 
and  recovery,  and  the  archiving  of  data. 

Attorney  privilege 

New  York  law  firm  Weil.Gotshal  &  Manges 
sees  promise  in  such  tools  for  archiving 


e-mail  attachments,  for  example. 

“Being  a  law  firm,  a  lot  of  stuff  that  used 
to  come  by  FedEx  is  now  coming  by 
email,” says  Steve  Kedem, senior  network 
engineer  with  the  firm  who  manages  8  tera¬ 
bytes  of  data  on  Hewlett-Packard,  Hitachi 
and  MTI  storage.’The  volume  of  data  we 
are  getting  is  growing  exponentially  . . . 
because  of  attachments,”  he  says,  noting 
that  data  is  replicated  to  other  locations  as 
many  as  four  times  for  fault  tolerance. 

And  Kedem  sees  no  end  in  sight.  He 
anticipates  the  amount  of  stored  data  will 
only  increase  because  law  firms  may  be 
required  to  archive  mail  for  seven  years.  So 
the  firm  is  evaluating  products  that  would 
let  it  separate  attachments  and  store  them 
centrally  thus  saving  disk  space,  Kedem 
says.  He  is  looking  at  policy-based  e-mail 
archiving  products  from  FalconStor  Soft¬ 
ware,  IBM,  Legato  Systems  and  Sun  that 
migrate  messages  to  tape  after  storing  them 
on  disk  for  a  specified  amount  of  time. 

“We  are  looking  at  software  now  that  will 
not  only  consolidate  [mail]  but  automati¬ 
cally  archive  it.  The  key  is  to  make  it  all 
transparent  to  the  userr  Kedem  says. 

Traditional  HSM,  while  automating  data 
backup,  recovery  and  archiving,  doesn’t 
touch  data  that  is  still  being  managed  as 
part  of  an  application,  even  if  that  data 
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hasn’t  been  accessed  in  a  certain  amount 
of  time.  HSM  can’t  predict  that  a  disk  drive 
failure  will  interrupt  an  application.lt  can’t 
retain  data  from  a  specific  application 
based  on  rules  that  say  it  must  be  archived 
on  nonrewritable  media  because  of  a  fed¬ 
eral  regulation. 

Brent  Hawkins,  network  administrator  for 
Earl  Walls  Associates,  an  architectural  and 
engineering  firm  in  San  Diego,  knows  the 
limitations  of  traditional  HSM.  He  uses 
Computer  Associate’s  HSM  for  NetWare  and 
CaminoSoft’s  Highway  Server  software  to 
store  files  associated  with  completed  labo¬ 
ratory  design  projects.  But  he’d  like  greater 
flexibility  in  the  type  of  files  migrated. 

“We  have  a  volume  with  thousands  of 
project  directories.  Under  these  projects  is 
a  set  of  directories,  with  one  being  an 
‘archive’  directory.  With  the  CA  software,  we 
set  up  a  policy  to  migrate  files  within 
this  directory  onl^’he  says. 

Now  Hawkins  is  looking  into  new  pol¬ 
icy-based  storage  management  tools 
that  would  set  policies  for  moving 
data  based  on  project  status. 

HSM  hasn’t  evolved  in  the  open 
systems  arena,  either.  In  this  environ¬ 
ment,  when  more  storage  is  needed, 
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IT  managers  tend  to  buy  more  inexpensive 
disk  arrays.They  don’t  cull  data  out  or  mi¬ 
grate  it  to  less-expensive  devices. 

Even  Kedem  is  tempted  by  the  allure  of 
inexpensive  disks. 

“Disk  is  becoming  so  cheap,  it  is  almost 
worth  it  to  keep  it  on  disk,"  he  says. 

But  buying  more  disks  compounds  the 
storage  management  problem.  As  disk 
capacity  grows,  management  headaches 
increase.  Managing  all  the  storage  and 
making  good  decisions  on  where  it  should 
reside  is  getting  too  complicated  and  tak¬ 
ing  too  much  time  to  do  manually.  Data 
that  hasn’t  been  accessed  in  a  year  is 
being  kept  on  enterprise  arrays,  taking  up 
space  that  data  generated  by  business-criti¬ 
cal  applications  needs. 

“Most  shops  put  data  on  a  box,  and  it 
stays  there  effectively  forever,  whether  or 
not  the  value  of  that  data  merits  being  on 
that  resource  any  longer;”  says  Steve  Du- 
plessie, senior  analyst  with  Enterprise  Stor¬ 
age  Group. 

IT  managers  stop  only  long  enough 
to  back  up  that  data  to  tape,  snapshot  it 
to  another  disk  or  replicate  it  to  an 
expensive  disk  in  another  location. 
“Rarely  do  you  see  any  true  proactive 


management,  where  shops  scour  the  data 
they  have  on  devices  and  move  it  to  a 
smarter  spot,”  Duplessie  says. 

Storage  provisions 

Now  with  automated  storage  resource 
management  and  provisioning,  IT  man¬ 
agers  can  apply  rules  and  thresholds  to 
capacity  and  utilization  monitoring  and 
provision  storage  according  to  applica¬ 
tion  need. 

Products  from  start-ups  such  as  AppIQ, 
Invio  Software  and  CreekPath  Systems 
examine  how  frequently  data  is  accessed, 
the  importance  of  the  data  to  the  business, 
and  the  time  it  takes  to  retrieve  it.  With 
these  packages, a  network  manager  could 
specify  that  a  mission-critical  Oracle  data¬ 
base  be  recovered  before  any  other  appli¬ 
cation  in  the  event  of  a  failure. 

Alternately  network  managers  could  set 
policies  granting  more  bandwidth  for 
backups  to  mission-critical  applications. 
CreekPath  is  one  of  the  only  start-ups  ship¬ 
ping  such  a  product.  Its  AIM  software  de¬ 
fines  three  types  of  policies:  explicit,  rules- 
based  and  constraint.  Explicit  policies  are 
user-definable  rules  affecting  specific 
parameters  such  as  RAID  levels.  In  an 
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Considerations  for  data  migration  and  retention 

Analysts  recommend  that  corporations  decide  when  to  migrate  data  to  less-expen¬ 
sive  disk  or  tape  storage  based  on  a  number  of  factors: 

•  Application  type.  You  probably  need  to  keep  mission-critical  databases  online 
for  years. 

•  Age  of  the  data,  if  no  one  has  accessed  data  for  six  months,  consider  migrating 
it  to  less-expensive  media. 

•  Data  type.  Consider  moving  data  such  as  digital  X-rays  that  doesn't  change  but 
is  still  needed  —  what  EMC  calls  static  content  —  to  iess-expensive  disk  media. 

•  Laws  regulating  data  retention.  Consider  if  your  company  needs  to  archive 
e-maiis  or  accounting  data  because  of  SEC  rules  or  other  regulatory  requirements. 

•  Network  considerations.  Examine  the  cost  per  megabyte  of  storage,  retrieval 
speed  and  capacity  limits. 

—  Deni  Connor 


explicit  policy  a  volume  might  be  mirrored 
remotely  to  another  device  to  ensure  avail¬ 
ability:  Rules-based  policies  invoke  a  spe¬ 
cific  user  or  system  action  when  an  event 
occurs.  For  instance,  AIM  will  notify  admin¬ 
istrators  when  a  drive  is  underutilized  so 
they  can  shift  storage  to  it.  Constraint-based 
policies  put  limits  on  a  device  —  if  the  de¬ 
vice  is  used,  it  also  must  be  mirrored  to  a 
remote  array  for  fault-tolerance. 

But  storage  management  companies 
such  as  BMC  Software,  CA  and  IBM  Tivoli 
are  getting  into  the  game,  too.  BMC  offers 
automated  storage  management  with  its 
Application-Centric  Storage  Management 
initiative,  and  CA  and  EMC  promise  such 
capability  by  year-end.  Meanwhile, Tivoli 
has  promised  to  announce  a  policy-based 
storage  resource  management  package 
later  this  month 

Fast  recovery 

Automation  is  being  applied 
smarter  than  ever  before  to  the 
back-up  and  recovery  process, 
in  an  effort  to  address  rising 
concerns  about  business  conti¬ 
nuity  borne  out  of  the  Sept.  1 1 
tragedy  In  a  recent  survey  of  96 
network  professionals  attend¬ 
ing  Network  World's  summer 
seminar  tour“Storage  Town 
Meeting:  Ensuring  Business 
Continuity 41%  said  they  are 
currently  upgrading  or  plan  to 
upgrade  their  business  conti¬ 
nuity  plans,  while  24%  said 
they  revised  their  plans  within 
the  last  six  months. 

Start-ups  such  as  Avamar  Technologies 
are  developing  policy-based  software  that 
saves  data  to  inexpensive  disks  rather  than 
tape,  thus  speeding  the  back-up  and  recov¬ 
ery  process  and  shrinking  the  amount  of 
time  a  customer  must  reserve  for  backup. 


Other  vendors  that  have  jumped  into  this 
arena  include  Atempo,  EMC,  Legato,  Net¬ 
work  Appliance,  OTG  Software,  QLogic  and 
Quantum  with  products  that  replace  tape 
with  inexpensive  Advanced 
Technology  Attachment  drives 
from  which  data  can  be  recov¬ 
ered  more  quickly  Companies 
claim  data  is  restored  from 
disk  as  much  as  100  times 
faster  than  tape. 

Connected,  a  PC  manage¬ 
ment  and  data-recovery  com¬ 
pany  in  Framingham,  Mass., 
which  backs  up  about  1  mil¬ 
lion  computers  for  several 
large  clients,  has  turned  to 
EMC’s  Centera  hardware  and 
software  for  automated  storage 
operations.The  company  is 
replacing  tape  drives  with  Centera’s  inex¬ 
pensive  disk  and  using  policy-based  soft¬ 
ware  to  migrate  data  from  primary  Symme- 
trix  storage  to  Centera  after  it  reaches  a  cer¬ 
tain  age,  says  Tom  Hickman,  engineering 
operations  manager. 

“The  data  is  stored  first  on  Fibre  Channel- 


attached  storage,”  he  says.“The  server  has  a 
threshold  control  [which  is  set  in  software] 
—  say  you  allocated  100G  bytes  to  store 
data  on. When  capacity  reaches  85%,  the 
migration  utility  sends  the  data  automati¬ 
cally  to  a  tape  library  or  to  the  Centera.” 

Setting  policies  and  then  letting  Centera 
and  its  software  act  on  them  saves  Hickman 
from  having  to  perform  the  tasks  manually 

Automation  is  even  coming  to  the 
process  of  back-up  reporting.  Backup- 
Report  software  from  start-up  Bocada 
gathers  completion  records  from  CA, 

HR  Legato,  Microsoft  and  Veritas  back-up 
software  running  on  a  network  and 
compiles  them  in  a  single  set  of  reports. 
BackupReport  costs  $500  per  server, 
and  could  save  IT  managers  consider¬ 
able  time. 

Some  large  companies  run  as  many  as  40 
back-up  packages,  vendors  say. 

No  doubt,  policy-based  automated  stor¬ 
age  promises  to  ease  the  management  of 
rapidly  growing  and  out-of-control  media. 
When  automation  hits  storage,  users  will 
have  the  luxury  of  setting  policies  and  let¬ 
ting  the  system  do  the  work.  ■ 


More  online! 


Data  is  created,  then  provisioned 
and  managed,  protected,  distributed 
and  migrated,  preserved  and,  finally, 
deleted.  Go  online  for  a  rundown  on 
software  for  addressing  various 
stages  of  data’s  life  cycle. 
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Fast,  accurate,  automatic.  Perfect  backup  and  restore  for  small  and  midsize  businesses. 


If  it's  worth  creating,  it's  worth  saving  with  Dantz  Retrospect® 
Retrospect  is  simply  the  most  intelligent  backup  software  for 

-  fast,  thorough  backups  and 

100%  accurate  restores  of  your 
critical  business  data. 


"Retro sped  creates  its  oum 
backup  filing  system  that 
combines  for  speed,  convenience 
and  easy  management,  giving 
ms  good  reason  to  designate 
it  a  World  Class  product.” 

-  Network  World 


Retrospect's  patented  technolo¬ 
gy  automates  backup  and 
restore  of  notebooks,  desktops, 
file  servers,  and  line-of-business 
application  servers  such  as 
SQL  and  Exchange.  There's 
no  complex  manual  scheduling  or  tape  juggling.  Backup 
schedules  are  automatically  adjusted  ensuring  that  every 
computer  on  the  network  is  protected  -  even  notebooks  that 
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come  and  go.  Retrospect  supports  Windowsf  Linux,  Solaris, 
and  Macintosh®  and  adapts  easily  to  your  existing  data 
storage  hardware. 

Trusted  worldwide  in  millions  of  computers  daily,  Retrospect 
is  the  intelligent  solution  for  businesses  that  must  rely  on 
perfect  file  protection,  every  time,  every  day. 

Dantz  Retrospect.  It's  the  only  backup  software  you  will 
ever  need. 

Start  today  with  the  Top  10  Backup  Tips, 
visit  www.dantz.com/v6 
or  call  1-800-225-4880 
for  more  information. 


Intelligent  Backup  and  Restore 

©2002  Dantz  Development  Corporation.  Retrospect  and  the  Dantz  logo  are  registered  trademarks 
of  the  Dantz  Development  Corporation.  Ail  other  trademarks  are  the  property  of  their  respective  owners. 


dantz 


5  cool  things  to  do  while  you  wait  for  a  disaster  to  hit  your  company. 

1.  Test  new  applications. 

2.  Deploy  new  applications. 

3.  Shorten  backup  windows. 

4.  Refresh  data  warehouses. 

5.  Take  a  whole  hour  for  lunch. 
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where  information  lives 


Business 

Continuity 


See  how  EMC  networked  storage  can  deliver  a  business  continuity 
solution  that  makes  your  business  more  productive. 

Get  the  new  data  integrity  white  paper  at  www.EMC.com/continuity. 
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Voice  systems  go  for  a  ride 

High-tech  giants  blend  voice-recognition  software  with  car  services. 


■  Online  collaboration  vendor  eRoom 
Technology  has  upgraded  its 
e.Room  .net  hosted  online  work¬ 
space  software  to  include  real-time 
meeting  services  and  built-in  features 
to  support  intercompany  business 
process  workflow.  The  real-time  capa¬ 
bilities  of  eRoom.net  6.0  let  users 
launch  an  instant  collaborative  ses¬ 
sion  around  a  certain  application  such 
as  Microsoft  PowerPoint.  The  busi¬ 
ness  process  mechanism  provides 
new  approval,  management  and  re¬ 
view  capabilities.  The  software,  which 
also  has  a  new  interface,  is  targeted 
at  groups  that  need  online  collabora¬ 
tive  workspaces  on  a  project-by-pro¬ 
ject  basis.  The  hosted  software  is 
priced  on  a  per-eRoom  basis  and 
starts  at  $300  per  eRoom. 
www.eroom.com 

■  Announced  last  week,  a  new  ver¬ 
sion  of  Epicor  Software’s  Clien¬ 
tele  customer  service  software  is 
among  the  first  CRM  products  built 
around  Microsoft's  .Net  framework. 
Created  using  Microsoft’s  Visual  Stu- 
dio.Net,  Clientele  Customer  Support 
8.0  is  the  first  module  in  a  CRM  suite 
Epicor  is  revamping  to  take  advan¬ 
tage  of  .Net  features,  including  the 
platform's  XML  support  and  intended 
facilitation  of  Web  services  deploy¬ 
ments.  A  component  of  Epicor’s  11- 
year-old  Clientele  software  portfolio, 
Clientele  Customer  Support  man¬ 
ages  customer-service  communica¬ 
tions,  including  tools  for  call  manage¬ 
ment,  order  tracking  and  billing.  Next 
is  a  customer  self-service  portal  that 
will  replace  the  application  named 
ClienteleNet.The  .Net  version  of  the 
software  is  scheduled  to  enter  beta 
testing  later  this  month.  By  the  end 
of  next  year,  all  of  Clientele’s  CRM 
suite  will  be  moved  to  .Net  and  rere¬ 
leased,  the  company  says.  Clientele 
Customer  Support  works  as  a  stand¬ 
alone  application  or  as  part  of 
Epicor’s  broader  Clientele  CRM  soft¬ 
ware  package.  Customers  with 
maintenance  contracts  will  receive 
the  software  upgrade  free.  Pricing 
starts  at  $1,500  per  user. 
www.epicor.com 


■  BY  DENISE  DUBIE 

Car  shoppers  test  driving  the  2003 
Honda  Accord  this  week  need  not  worry 
about  getting  lost.  If  they  do,  all  they  have 
to  do  is  say  the  word  and  the  car  will  get 
them  back  on  track. 


■  BY  ANN  BEDNARZ 

PALO  ALTO  —  Internet  infrastructure 
start-up  Netli  is  working  on  a  way  to  help 
companies  speed  delivery  of  Web  content 
to  their  far-flung  remote  users  and  busi¬ 
ness  partners. 

The  company  will  deliver  a  service  that 
provides  remote  users  subsecond  access 
to  centrally  located  corporate  applica¬ 
tions,  such  as  a  salesperson  searching  for 
order  histories  contained  in  a  CRM  appli¬ 
cation  or  a  supplier  tapping  into  a  retail¬ 
er’s  systems  to  monitor  inventory  levels. 

While  the  company  declined  to  com¬ 
ment,  its  Web  site  states  the  service  won’t 
require  companies  to  buy  hardware,  mod¬ 
ify  Web  pages  or  install  server  software. 
Netli  says  it  will  deliver  the  service  via  a 
distributed  network  of  clustered  servers. 
The  service  network  is  compatible  with 
content  delivery  networks  and  can  work 
alongside  caches  and  server  accelerators, 
Netli  says. 

Netli’s  service  will  differ  from  that  of 
content  delivery  specialists,  such  as 
Akamai  Technologies,  which  focus  on 
speeding  delivery  of  static  content,  Netli 
says.  Its  service  will  optimize  static  and 
dynamic  content  generated  by  databases, 
query  responses  and  interactive  applica¬ 
tion  services.  Response  times  for  data 
generated  on  the  fly  and  delivered  over 
the  Internet  purportedly  will  rival  those 
that  locally  hosted  Web  applications 
achieve. 

Peter  Christy,  co-founder  of  NetsEdge 
Research  Group,  says  there’s  a  real  need 
for  tools  to  improve  Internet  performance. 
Users  have  grown  accustomed  to  eight-  to 


The  automaker  will  debut  the  2003  EX 
model  of  the  Accord,  which  along  with 
new  powertrain  and  side  airbag  features 
also  includes  what  Honda  calls  its  Touch 
by  Voice  voice-recognition  system.  The 
Accord,  2001’s  best-selling  car  in  America 
with  about  415,000  sold,  features  a  touch- 


Download  performance 

Netli  measured  Web  page  download 
speeds  for  Fujitsu,  Microsoft  and 
Oracle  over  an  average  12-hour 
period,  with  and  without  its 
performance-  enhancing  service. 

Web-page  download  speeds  In  seconds. 


|0.9 


Oracle: 

1.9 

1 0.5 

1 1 -second  response  times,  he  says. 

Indeed,  Keynote  Systems  in  its  Web 
Broker  Trading  Index  tracks  average  re¬ 
sponse  times  for  creating  a  standard  stock- 
order  transaction  on  selected  brokerage 
Web  sites.  During  a  one-week  period  in 
August,  the  average  was  9.25  seconds. 

“The  Internet  itself  —  the  routers  and 
communication  lines  —  aren’t  going  to  get 
better  in  a  way  that  fixes  performance  any 
time  soon,” Christy  says.“Clever  system  tech¬ 
nology  will  be  where  the  performance  im¬ 
provements  come  from,  primarily” 

As  an  example,  Christy  cites  Akamai, 
which  has  shown  that  relatively  simple  sys¬ 
tem  technology  can  make  an  enormous 

See  Netli,  page  30 


panel  display  and  in-car  navigation  sys¬ 
tem  that  the  company  upgraded  to  work 
with  voice  commands. 

Telematics,  or  in-car  communication 
technology,  seems  relatively  new  to  most, 
and  car  makers  around  the  world  have 
made  2002  the  year  to  unveil  their  net¬ 
work  computing  developments.  Along 
with  Honda’s  news, Toyota  announced  its 
G-Book  Information  Network  last  month. 
The  subscription  information  network 
will  offer  services  for  PCs,  PDAs  and 
mobile  phones  starting  Oct.  l.The  compa¬ 
ny  also  plans  to  roll  out  a  new  vehicle 
model  featuring  an  on-board  G-Book  ter¬ 
minal  this  fall. 

Voice  evolution 

Honda’s  voice  technology  is  the  latest 
development  of  car  makers’  next-genera¬ 
tion  Satellite-Linked  Honda  DVD  Naviga¬ 
tion  Systems  —  with  a  technology  contri¬ 
bution  from  IBM’s  Automotive  and  Tele¬ 
matics  Solutions.  IBM  worked  with  Honda 
research  and  development  to  develop  its 
Embedded  ViaVoice  technology  and  soft¬ 
ware  to  support  the  car  dealer’s  online 
navigation  system. 

Telematics  is  part  of  how  the  comput¬ 
ing  world  is  evolving, ’’says  Raj  Desai, direc¬ 
tor  at  IBM  Global  Automotive  and  Tele 
matics  Solutions.’Tn  the  future, cars  will  be 
connected  to  networks,  and  users  won’t 
be  able  to  distinguish  the  difference  be 
tween  connecting  from  their  office,  their 
home  or  their  car.” 

Telematics  enables  hands-free  and 
voiceactivated  commands,  in-car  com¬ 
puting,  wireless  Internet  access  and  emer¬ 
gency  location-based  services.  The  tech¬ 
nology  used  for  telematics  combines  the 
See  Telematics,  page  32 


More  online! 


In  addition  to  voice  recognition,  automakers 
are  making  strides  in  e-business. 

See  their  plans  for  the  future. 
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Start-up  preps  Web 
optimization  service 

Netli  aims  to  speed  application  response  times  over  ’Net. 


|  Without  Netli 
■  With  Netli 
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1  ntruVert  inspects  high-speed 


■  BY  ELLEN  MESSMER 

SAN  JOSE  —  Start-up  IntruVert  Networks 
last  week  took  the  wraps  off  a  new  line  of 
intrusion-detection  systems  that  can  reli¬ 
ably  inspect  high-speed  IP  traffic  flowing 
through  a  system  without  encountering 
problems  such  as  inaccurately  replicating 
traffic  or  missing  attack  streams. 

Racket  loss  and  other  failures  are  not 
uncommon  with  high-speed  intrusion- 
detection  systems,  which  have  to  duplicate 
traffic  to  analyze  it.  However,  beta-test  users 
who  deployed  IntruVert’s  IntruShield  4000 
appliance,  which  supports  a  maximum 
2.2G  bit/sec  of  traffic,  and  the  IntruShield 
2600  appliance,  which  reaches  600M 
bit/sec,  say  the  intrusion-detection  system 
doesn’t  falter  at  high  speeds  looking  for 
about  800  different  types  of  hacker  or 
denial-of-service  attacks. 

Although  vendors  of  gigabit-speed  intru¬ 
sion-detection  systems  continue  to  im¬ 
prove  product  performance,  the  track 
record  of  the  way  a  gigabit  intrusion-detec¬ 
tion  system  behaves  at  high  speed  has  not 
been  good.  Most  products  have  simply  not 
worked  as  intended  over  a  particular 
speed,  perhaps  600M  bit/sec  or  even  as  low 


High-speed  detection 

IntruVert  is  introducing 
intrusion-detection  appliances 
that  can  support  up  to  2.2G  bit/ 
sec  traffic  speeds. 


Product 

Price 

IntruShield  4000 

$100,000 

IntruShield  2600 

$35,000 

IntruShield  Manager 
for  Windows  2000 

$8,000 

as  200M  bit/sec  (see  www.nwfusion.com, 
DocFinder:  2028). 

The  fact  that  IntruVert  is  demonstrating 
through  lab  tests  and  in  beta  customer’s 
production  networks  that  its  2.2G  bit/sec 
appliance  can  do  the  intrusion-detection 
system’s  job  at  up  to  1.5G  bit/sec  puts  the 
company  —  with  70  employees  and  $15 
million  in  venture-capital  backing  —  in  the 
running  with  other  intrusion-detection  sys¬ 
tem  makers  in  the  high-speed  race.  These 


vendors  include  Internet  Security  Systems 
(ISS),TippingFbint  Technologies,  Intrusion, 
iPolicy  Networks  and  Recourse  Technol¬ 
ogies,  just  acquired  by  Symantec. 

“IntruVert  has  an  ASIC-driven  platform 
that  lets  it  get  this  high  performance,” says 
Larry  Holt,  senior  security  architect  at 
Computer  Sciences  Corp.  (CSC),  which 
manages  network  security  for  the  Na¬ 
tional  Library  of  Medicine,  which  is  part 
of  the  National  Institutes  of  Health  in 
Bethesda,  Md. 

This  2,400-employee  federal  government 
facility,  which  shares  journals  and  ad¬ 
vanced  research  with  other  institutions, 
uses  two  155M  bit/sec  OC-3  links  to  the 
Internet  and  a  separate  622M  bit/sec  OC-12 
link  for  research. 

After  testing  the  IntruVert  intrusion- 
detection  appliances  in  the  CSC  lab  earli¬ 
er  this  year,  Holt  installed  them  outside  the 
firewall  at  the  National  Library  of 
Medicine  and  inside  it  to  monitor  traffic, 
which  can  come  in  high  burst  rates,  such 
as  when  the  library  sends  information 
updates  to  Stanford  University  or  NASA, 
for  example. 

“When  you  go  to  gigabit  speeds,  there’s 
still  the  limit  of  actually  getting  the  packets 


Microsoft  adds  wireless  notification  services 


■  BY  JOHN  FONTANA 

Microsoft  has  announced  an  applica¬ 
tion  platform  that  will  let  corporations 
use  the  SQL  Server  2000  database  as  a 
foundation  for  creating  notification  ser¬ 
vices  for  wired  and  wireless  users. 

With  SQL  Server  2000  Notification 
Services,  network  executives  can  extend 
corporate, Web-based  and  portal  applica¬ 
tions  with  a  mechanism  that  notifies 
users  when  updates  have  been  made  to 
information  within  those  applications, 
such  as  price  changes  in  a  supply-chain 
application. 

While  notification  services  are  available 
in  many  applications,  Microsoft’s  service 
lets  companies  aggregate  all  notification 
services  onto  one  platform  so  end  users 
can  subscribe  to  those  notifications 
through  a  single  interface.  Competitor 
Oracle  offers  similar  services  and  IBM 
has  a  publish-and-subscribe  project 
called  Gryphon.  Several  smaller  vendors, 
such  as  Alerts,  Apama  and  LetMeKnow, 
offer  similar  services. 

“SQL  notification  services  is  very  scal¬ 
able,  very  clean  to  do,”  says  Mike  Felix, 
Hottrends  product  manager  for 
Townsend  Analytics,  which  develops 
financial  software. 

Last  week,  Felix  rolled  out  SQL  notifica¬ 
tion  services  for  use  with  Townsend’s 
Hottrends  application,  which  tracks  securi¬ 
ties  minute  by  minute  and  detects  when 


they  are  behaving  in  unusual  ways, such  as 
number  of  trades  or  rate  of  price  change. 

Felix  takes  the  Hottrends  feed  and 
pumps  it  into  SQL  notification  services, 
which  matches  the  data  with  the  users 
who  have  subscribed  to  it  and  pushes  out 
notifications  via  e-mail  and  in  the  future, 
mobile  devices.“We  could  have  developed 
something  similar  ourselves  but  it  would 
have  been  programming-intensive,  and  we 
didn’t  have  the  resources,”  Felix  says.“And  it 
would  not  have  been  as  scalable  or  clean 
as  what  Microsoft  has  presented.” 

He  says  the  project  required  an  invest¬ 
ment  of  a  few  thousand  dollars,  a  few 
servers,  one  developer  and  less  than  one 
month  of  work.  And  Hottrends  is  only  the 
start  of  Felix’s  use  of  notifications  that  will 
likely  include  newsletters  and  other 
financial  products,  along  with  use  inter¬ 
nally  on  applications  such  as  project 
management. 

“This  is  a  very  general-purpose  platform 
in  that  you  can  feed  almost  any  event 
into  it  and  have  users  subscribe  to  it,” says 
Peter  Pawlak,  lead  analyst  for  server  appli¬ 
cations  for  Directions  of  Microsoft,  an 
analyst  firm.  “This  is  different  than  hard¬ 
coded  systems  where  administrators 
have  to  set  things  up.  Here,  subscribers 
control  what  they  get.” 

The  notification  service  is  software  with 
SQL  as  an  engine  that  can  process  blocks 
of  events  and  using  batch  processing 
match  them  to  user  subscription  requests 


for  updates.  But  corporations  must  devel¬ 
op  their  own  front-end  interface  and 
hooks  to  enterprise  applications  and 
delivery  services,  such  as  e-mail  or  wire¬ 
less  devices. 

“Wireless  is  an  enabler  here,  and  when 
you  combine  this  with  something  like 
presence  services  you  can  make  sure 
users  get  their  notifications  on  the  device 
they  are  currently  using,”  Pawlak  says. 

Critics  say  the  addition  of  such  enter¬ 
prisewide  services  built  on  top  of  SQL 
Server  is  proof  the  database  finally  is 
stepping  up  from  the  ranks  of  depart¬ 
mental  server. 

“Companies  are  not  as  hesitant  to  use 
SQL  on  an  enterprise  level  as  they  were  a 
few  years  ago,”  says  Mark  Shainman,  a 
research  analyst  at  Meta  Group. 

SQL  Server  2000  Notification  Services  is 
an  add-on  to  SQL  Server  2000,  but  will  be 
a  built-in  feature  in  the  next  generation  of 
the  server  code-named  Yukon. 

The  software  is  available  now  and  is  a 
free  download  from  Microsoft,  but  users 
must  have  a  SQL  Server  license  to 
deploy  the  platform  and  run  notifica¬ 
tion  applications. 

Microsoft:  www.microsoft.com 
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IP  traffic 

onto  the  wire,  but  the  IntruVert  [intrusion- 
detection  system]  is  detecting  at  near-giga¬ 
bit  speed  with  100%  accuracy’ Holt  says.  He 
says  the  National  Security  Agency  has  suc¬ 
cessfully  tested  the  IntruVert  appliances  at 
well  over  gigabit  speeds. 

IntruVert  CEO  Parveen  Jain  says  eight 
beta  customers  have  been  testing  the  prod¬ 
uct  for  four  months.  He  vouches  for  its  1 ,5G 
bit/sec  rate  without  packet  loss  or  degrada¬ 
tion  in  intrusion-detection  system  attack 
recognition. 

“A  lot  of  customers  are  saying  they  need 
gigabit  performance,”  Holt  says.  He 
swapped  out  the  1SS  RealSecure  6.0  intru¬ 
sion-detection  system  sensors  for  the 
IntruVert  sensors  because  the  ISS  sensors, 
even  in  load-balancing  mode,  were  drop¬ 
ping  packets  at  high  speeds.  Holt  says  he 
hasn’t  tried  out  the  new  ISS  RealSecure  7.0 
sensor  yet. 

IntruVert:  www.intruvert.com 


Netli 

continued  from  page  29 

difference  —  nearly  tenfold  improvements 
in  Web  site  performance,  he  says. 

But  whereas  Akamai  aims  to  solve  the 
problems  of  high-volume,  mass-access  Web 
sites,  Netli  has  a  different  objective  in  tar¬ 
geting  the  performance  of  business  appli¬ 
cations.  Fewer  people  use  these  applica¬ 
tions,  but  the  users  generally  play  an 
important  role  in  a  company’s  business, 
Christy  says. 

“Netli  has  a  content  delivery  scheme  that 
has  some  of  the  attributes  of  something 
like  an  Akamai  system,  but  is  intended  to 
focus  on  data  that’s  way  down  in  the  pop¬ 
ularity  ranks,”  Christy  says. 

One  challenge  Netli  will  face  is  in  build¬ 
ing  customer  confidence.  “People  don’t 
trust  service  providers  now,  especially  new 
start-up  ones,  because  of  the  sort  of  col¬ 
lapse  of  the  whole  service  business.  So 
even  if  it’s  a  good  idea.it  might  be  an  uphill 
battle,”  Christy  says. 

Stanford  University  Ph.D.s  Michael  Khar¬ 
itonov  and  Adam  Grove,  along  with  Alexei 
Tumarkin.a  former  professor  at  the  Uni  ver- 
sity  of  California,  Santa  Barbara,  founded 
the  company  in  2000.This  trio, along  with  a 
fourth  party,  filed  a  patent  application  in 
May  that  describes  a  method  for  network 
discovery  using  name  servers.  Netli  se¬ 
cured  $17.9  million  in  funding  this  spring, 
according  to  the  MoneyTree  Survey  com¬ 
piled  by  PricewaterhouseCoopers, Venture 
Economics  and  National  Venture  Capital 
Association. 

Before  its  second-quarter  windfall,  Netli 
said  it  had  $3.2  million  in  funding.  In¬ 
vestors  backing  Netli  include  Morgen- 
thaler  Ventures,  Bessemer  Venture  Partners, 
Leapfrog  Ventures,  Alta  Fcirtners  and  Nokia 
Venture  Partners. 

Netli:  www.netli.com 


VALUE-PRICED  TAPE  AUTOMATION  THAT’S  COMPACT  YET  POWERFUL. 


The  new  Quantum  SuperLoader™  quickly  stores  up  to  3.5  TB  in  only  2U.  It  also  features  up  to  16  DLTtape 
cartridges,  sophisticated  onboard  remote  management  tools  and  convenient  ways  to  import  and  export 
cartridges.  Plus,  the  SuperLoader  is  modular,  which  means  a  low  starting  price  with  room  for  pain-free 


expansion  and  upgrades.  For  more  information,  visit 

www.quantum.com/superloader 


Quantum. 

SuperLoader 
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I’m  an  unabashed  Unix  geek.  I  recently 
installed  about  the  best  version  of 
Unix  I’ve  ever  worked  with  on  all  the 
computers  I  regularly  use.  At  the  same 
time,  I  installed  the  best  window-based 
operating  system  I’ve  ever  used  on  the 
same  machines.  Obviously  the  only  way  I 
could  have  done  both  at  the  same  time 
was  to  install  the  new  Mac  OSX  10.2  on 
my  home  and  office  computers,  and  that 
is  what  1  did. 

I’ve  used  Unix  since  AT&T  (you  remem¬ 
ber  AT&T,  it  was  once  the  big  telephone 
company  that  also  had  the  best  basic 


Enterprise  Applications 

A  happy  geek 

research  lab  in  the  world)  started  licens¬ 
ing  it  in  the  early  1980s.  Because  1  worked 
in  a  university  and  needed  good  support 
for  TCP/IP  networking,  1  mostly  used  the 
Unix  distributions  from  the  University  of 
California  at  Berkeley,  also  known  as 
Berkeley  Standard  Distribution  (BSD).  I 
never  got  into  the  almost-Unixes  from  Sun 
and  Hewlett-Packard. 

I’ve  also  been  a  Macintosh  person 
since  late  1983  but  did  not  do  a  major 
switch  to  a  Mac  as  my  basic  computing 
platform  until  1  found  MachTen  by 
Tenon,  which  is  a  version  of  BSD  Unix 
that  runs  as  a  Mac  application.  That  let 
me  run  a  single  platform  and  still  get  my 
Unix  fix.  Then  a  year  or  so  ago,  Apple 
started  shipping  the  first  version  of  OSX, 
a  full-fledged  Unix  system  with  a  Mac- 
like  shell  over  it.  It  was  not  quite  as  good 
at  being  Unix  as  MachTen  was  —  and 
the  Tenon  user  support  was  better  than 


www.nwfusion.com 


Apple’s  —  but  the  advantages  of  a  uni¬ 
fied  system  got  me  to  switch. 

Now  Apple  has  released  an  upgrade  to 
OSX  and  it’s  a  great  Unix  and  a  great  Mac. 
OSX  was  always  solid  —  only  one  of  my 
five  Macs  running  OSX  ever  crashed  and 
only  twice  at  that  —  but  OSX  was  a  bit 
slow  and  had  some  funny  quirks. OSX  10.2 
has  fixed  all  of  that  and  is  now  fast,  clean 
and  a  Unix  geek’s  dream. 

And  for  you  other  Unix  geeks,  note  that 
Version  10.2  boasts  the  following:  Every 
BSD  and  gnu  command  I  ever  use  other 
than  the  gnu  wdiff  file  comparison  utility; 
549  commands  in  /usr/bin,35  in  /bin, 60  in 
/sbin,  169  in  /usr/sbin;a  full  development 
environment;  open  source;  IPv6;  Apache 
Web  server;  name  server;  sshd;  sendmail; 
and  procmail.And  for  you  window-based 
personal  computer  (note  I  did  not  say 
“PC”)  folks,  Version  10.2  features  thou¬ 
sands  of  applications,  including  up-to-date 


Microsoft  Office  and  Internet  Explorer. 
Good  stuff. 

The  ads  say  that  OSX  10.2  can  be  a  good 
network  citizen  in  a  Windows  shop,  and 
I’ll  have  to  try  some  of  that  out  when  I  fig¬ 
ure  out  why  I  need  to  interact  with  a 
Windows  network. 

So  I’m  in  hog  heaven,  even  if  I’m  almost 
alone  in  Harvard’s  central  administration 
in  using  a  Mac  —  and  even  though  OSX 
10.2  did  away  with  the  smiling  Mac  on 
startup,  much  to  the  annoyance  of  Mac 
purists. 

Disclaimer:  My  use  of  Macs  is  a  perfect 
example  of  how  Harvard’s  and  my  opin¬ 
ions  are  not  necessarily  the  same,  but  the 
university  tolerates  me  (most  of  the  time). 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Sys¬ 
tems.  He  can  be  reached  at  sob@ 
sobco.com. 


Telematics 

continued  from  page  29 

electronic  systems  in  automo¬ 
biles  with  satellite  communica¬ 
tions  systems  to  provide  features 
such  as  emergency  calling,  real¬ 
time  navigation  and  remote  car 
diagnoses. 

Big  growth 

According  to  research  firm  Frost 
&  Sullivan,  European  revenue  for 
telematics  hardware  and  services 
topped  $1.11  billion  in  2001,  and 
the  group  estimates  that  market 
will  grow  to  $8.05  billion  by  2007. 

But  the  North  American  market 
hasn’t  fared  so  well. The  revenue 
in  2001  for  hardware  and  service 
telematics  reached  only  $900 
million,  but  that  number  is  ex¬ 
pected  to  increase  to  $6.99  bil¬ 
lion  by  2007. 

Earlier  this  year.  Ford  Motor  and 
Qualcomm  ended  their  telemat¬ 
ics  development  to  cut  their  loss¬ 
es.  Apparently,  car  buyers  found 
the  $1,300  telematics  add-on  fea¬ 
ture  too  much  to  swallow  on  con¬ 
sumer  vehicles. 

Since  then.  Ford  has  said  it 
would  consider  embedding  tech¬ 
nology,  such  as  the  Bluetooth 
short-range  wireless  connectivity 
standard,  into  cars’  computing 
systems  to  eliminate  the  need  for 
consumers  to  pay  for  an  add-on 
feature. 

Some  telematics  capabilities  are 
available  now  from  other  car 
manufacturers  in  consumer  vehi¬ 
cles  on  a  limited  basis. 

General  Motor’s  OnStar  sub¬ 
scription  services  are  available  in 
vehicles  from  Acura,  Audi,  Buick, 
Cadillac,  Chevrolet,  GMC  and 
Saab,  among  others.  Specific 
makes  and  models  come  equip¬ 


ped  with  OnStar  OnBoard,  and 
car  owners  can  activate  the  ser¬ 
vices  via  a  handset  in  the  vehicle. 
Drivers  are  offered  a  choice  of 
three  service  plans,  including  fea¬ 
tures  such  as  stolen-vehicle  track¬ 
ing,  remote  car  diagnostics  and 
emergency  services. 

Gee  whiz 

While  the  gee-whiz  factor  of 
telematics  appeals  to  many,  in¬ 
dustry  experts  say  the  best  way 
to  sell  such  technology  is  with 
safety  guarantees.  According  to 
Strategy  Analytics  Analyst  Ian 
Riches,  the  safety  benefits  of 
GM’s  OnStar  roadside  assistance 
and  emergency  calling  features 
are  obvious,  but  telematics  pro¬ 
viders  must  find  the  safety  angle 
for  in-car  navigation  and  traffic 
information  systems  to  hit  home 
with  consumers. 

The  market  for  telematics  in 
commercial  vehicles  is  more 
mature,  considering  companies 
can  deploy  fleet  management 
software  to  track  the  location  of 
shipping  trucks  or  avoid  traffic  to 
ensure  timely  delivery. 

“This  clearly  could  be  done: 
Attempting  to  use  a  paper  map  or 
driving  erratically,  making  last- 
minute  turns  while  trying  to  find 
one’s  way  are  clearly  not  the 
safest  ways  to  making  progress,” 
Riches  says  in  a  report.  In  addi¬ 
tion, because  some  telematics  sys¬ 
tems  involve  the  use  of  cell 
phones  and  PDAs,  safety  con¬ 
cerns  about  drivers  handling 
them  is  another  issue. 

“Widespread  bans  on  the  use  of 
handheld  mobile  devices  will  not 
stop  the  [telematics]  market  in  its 
tracks,  but  they  do  represent  a 
worrying  development  in  poten¬ 
tially  restricting  the  options  for 


Gar  talk 

IBM’s  software  gives  Honda  Accord  a  voice. 


Cars  equipped  with  IBM's  voice-recogntion 
software  also  feature  a  touch-screen  display 
console,  a  microphone  and  a  Global  Posi¬ 
tioning  System  (GPS)  satellite  antenna  to 
communicate  with  IBM's  back-end  system. 


GPS  satellite 


IBM  WebSphere 
Everyplace  Server  portal 


<9 - O 

Car  platform  with 
IBM  Embedded  ViaVoice 
technology 


Drivers  initiate  a  request  with  a  phone  command,  such  as 
“find  nearest  gas  station,"  and  the  software  communicates 
via  satellite  to  IBM  databases  containing  navigation  data. 


The  software  embedded  into  the  car’s 
electronic  system  lets  drivers  read 
e-mail,  dial  cell  phones  hands-free  and 
initiate  voice-enabled  database  access. 


IBM  custom  database 
services  to  voice-enable 
large  databases 


vendors,”  Riches  says. 

IBM  initiatives 

IBM’s  deal  with  Honda  is  the 
company’s  latest  telematics  ini¬ 
tiative,  now  available  in  con¬ 
sumer  cars.  And  because  the 
Accord’s  computing  system  can 
now  respond  to  voice  com¬ 
mands,  IBM  and  Honda  might 
avoid  any  safety  concerns  re¬ 
lated  to  telematics.  In  the  past, 
Accord  drivers  could  access  an 
in-vehicle  navigation  system  by 
accessing  data  via  the  touch  dis¬ 
play.  Now  drivers  can  enjoy 
hands-free  navigation. 

The  IBM  Embedded  ViaVoice 
technology  is  included  in  Hon¬ 
da’s  computing  platform  within 
the  vehicle. 

The  car  also  includes  an  an¬ 
tenna  and  microphone  to  let  the 
voice  communications  connect 


to  a  back-end  system  via  a  Glo¬ 
bal  Positioning  System  satellite. 
Honda  supports  an  IBM  Web¬ 
Sphere  Everyplace  Server/Portal 
for  Telematics  download  on  the 
back  end.  Drivers  access  this  sys¬ 
tem  via  a  console  in  the  car  or 
by  speaking. 

The  software  recognizes  about 
150  English-language  commands, 
such  as“find  nearest  gas  station"or 
“find  nearest  ATM.”  It  also  ack¬ 
nowledges  several  accents. 

To  activate  the  Touch  by  Voice 
system,  drivers  press  a  talk  button 
on  the  Accord  steering  wheel  and 
make  a  verbal  request.  IBM’s  tech¬ 
nology  is  integrated  into  the  car’s 
audio  system  so  the  driver  hears 
the  computerized  response  over 
the  car  speakers. 

The  software  will  give  directions 
to  and  from  the  specified  address. 
The  Touch  by  Voice  voice-recogni¬ 


tion  system  is  designed  to  mini¬ 
mize  the  need  for  keyboard  entry 
The  system  also  links  to  climate 
control  systems  for  added  driver 
convenience. 

IBM’s  automotive  health  moni¬ 
toring  and  remote  diagnostics 
prototype  is  being  showcased  in 
the  Chrysler  Concorde. 

IBM  made  news  with  telematics 
last  year  when  the  company 
signed  on  with  Motorola  to  offer 
wireless  and  Web-based  telemat¬ 
ics  services  to  drivers  and  passen¬ 
gers  worldwide. 

IBM:  www.ibm.com;  Honda: 
www. honda.com 
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DB2  ROCKS  WHEN 

IT  COMES  TO  UNIX 


Benchmarks  prove  it.  Customers  swear  by  it.  DB2  is  a  better  distributed  database  than  Oracle.  Not  to  mention 
more  manageable  and  more  affordable.  And  because  it  can  work  across  any  platform,  it’s  the  perfect 
database  for  companies  large,  small,  and  growing.  DB2.  Part  of  our  winning  software  team,  along  with  Lotus? 
Tivoli?  and  WebSphere?  Check  out  the  benchmarks  and  get  a  free  TOO  report  at  ibm.com/db2/rocks 
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implementation. 


Revamped  call  centers  reduce  operating  costs 


■  BY  ANN  BEDNARZ 

Customer  service  upgrades  today  are  as  much  about 
revamping  workflow  and  business  processes  as  they 
are  about  new  technology 
Many  companies  have  core  call  center  technologies, 
such  as  call  routing,  e-mail  management,  and  online  chat 
and  customer  self-service  software.  But  the  gaps  in 
between  need  addressing,  experts  say. 

AMR  Research  found  72%  of  companies  still  route  ses¬ 
sions  through  individual  applications  rather  than 
through  a  universal  queue,  and  63%  of 
companies  with  multiple  contact  cen¬ 
ter  locations  don’t  share  interactions 
between  sites. 

Gartner  says  technologies  that  put 
client  knowledge  into  the  hands  of 
contact  center  agents  are  critical  to 
improving  call  center  efficiencies  and 
cost  savings.This  includes  staff  manage¬ 
ment,  call  tracking  and  workflow  soft¬ 
ware.  It’s  not  an  issue  of  availability: The 
market  is  ripe  with  hundreds  of  prod¬ 
ucts.  Suite  vendors  such  as  Siebel  Sys¬ 
tems,  Amdocs  and  BeopleSoft  offer 
broad  sets  of  customer  service  and  sup¬ 
port  software.  Companies  such  as  As¬ 
pect  Communications,  Blue  Pumpkin 
Software  and  Genesys  tackle  narrower 
areas  of  expertise, such  as  Web  collabo¬ 
ration  and  workforce  management. 

But  so  far  adoption  is  limited.  Gart¬ 
ner  found  just  15%  of  companies  sur¬ 
veyed  have  rolled  out  automated 
workflow  software;  41%  have  adopted  software  for 
incident  tracking;  and  37%  have  tackled  computer-tele- 
phony  integration. 

Part  of  the  problem  is  that  no  one  customer  service  and 
support  (CSS)  vendor  offers  it  all,  forcing  corporate  cus¬ 
tomers  to  buy  from  multiple  sources  and  work  to  inte¬ 
grate  the  pieces,  Gartner  says. 

But  the  payoff  of  such  integration  is  greater  efficiency  in 
handling  customer  queries,  which  can  translate  into  real 
savings.  If  a  company  can  increase  the  number  of  queries 
that  are  resolved  in  a  single  phone  call  from  an  average 
of  82%  to  91%,  it  will  reduce  overall  call  center  volume  by 
9%,  Gartner  says.  In  a  50-agent  call  center  handling  70,000 
calls  per  month,  that  can  amount  to  4.5  full-time  employ¬ 
ees.  If  each  full-time  agent  earns  $29,000,  that’s  about 
$131 ,000  saved  annually  Gartner  says. 

Timberline  Software  realized  significant  savings  by  re¬ 
vamping  its  call  center  operations.The  vendor  was  con¬ 
sidering  hiring  30  customer  service  agents  to  keep  up 
with  projected  call  volume  growth  —  a  staff  increase  it 
managed  to  avoid  by  better  managing  its  existing  talent. 

Timberline  invested  in  workforce  optimization  software 
from  Blue  Pumpkin  that  handles  agent  scheduling  and 
skills-based  call  routing.  At  the  same  time, Timberline,  of 
Beaverton,  Ore.,  revamped  the  way  its  call  center  oper¬ 
ates,  shifting  from  call-back  mode  —  a  system  that 
requires  customers  to  call  in,  leave  a  message  and  wait 
for  a  return  call  —  to  live  inbound  call  handling. 

“Going  to  live  inbound  calls  required  us  to  redesign  a 
bunch  of  different  processes," says  Mark  Brannan,  opera¬ 


tions  director  for  client  services  at  Timberline,  which 
makes  accounting  and  cost-estimating  software  for  con¬ 
struction  and  real  estate  firms. 

The  scheduling  component  replaces  a  manual  system 
based  on  Microsoft  Excel  spreadsheets.  Coupled  with  his¬ 
torical  information  about  call  volumes  and  types  of 
queries  received,  the  scheduling  software  helps  Timber- 
line  better  allocate  its  resources  and  minimize  underuti¬ 
lization  of  people. 

Another  process  that  Timberline  changed  is 
training.  As  part  of  its  Blue  Pumpkin  rollout, 


Gall  center  progress 


No  one  suite  does  it  all.  Today’s  customer  service 
centers  run  multiple  applications  for  voice,  e-mail  and 
Web  contacts  that  need  to  work  in  tandem  if  operations 
are  to  run  smoothly  and  cost  effectively. 


Challenges 

•  Integrating  data  from 
disparate  applications  and 
getting  it  to  customer 
service  agents  in  real  time. 

•  Providing  consistent 
service  whether  a  customer 
makes  contact  through  e- 
mail,  Web  or  voice  channels. 

•  Trimming  costs  without 
sacrificing  service. 


Customer 

dissatisfaction 

More  than 

75% 

of  businesses  will 
fail  to  meet 
expectations  for 
customer  service 
excellence  through 
2007,  Gartner  says. 


Strategies 

•  Consider  application  inte¬ 
gration  middleware  to  link  call 
center  programs  in  real  time. 

•  Prioritize  investments  by 
focusing  on  most-used  contact  methods.  If  customers 
prefer  phone,  consider  an  interactive  voice  response 
system  over  an  e-mail  management  system. 

•  Look  into  niche  applications  to  solve  specific  problems, 
such  as  call  tracking  software  to  improve  call  resolution 
rates,  or  workforce  automation  software  to  reduce 
staffing  inefficiencies. 


Brannan’s  team  devised  about  20  agent  specialties.Those 
specialties  make  training  easier  and  more  efficient,  he 
says.  And  it  enables  skills-based  routing  for  quicker  call 
resolution. 

“Before,  all  of  our  agents  had  to  learn  everything.They 
were  all  generalists,”  Brannan  says.“Now  our  customers 
are  getting  better  service  because  they’re  talking  to  peo¬ 
ple  with  more  expertise  who  can  answer  their  questions 
more  quickly’ 

In  its  first  year  with  Blue  Pumpkin, Timberline  says  it 
saved  $595,000  in  efficiency  and  productivity  gains  by 
staffing  the  right  number  of  people  in  the  right  places  at 
the  right  time.  It  avoided  spending  another  $1.4  million 
by  revamping  its  operations  to  handle  20%  more  calls 
without  increasing  head  count, Timberline  says. 

At  Timberline,  Brannan  focused  customer  service 
upgrades  on  telephone  interactions  because  95%  of  cus¬ 
tomers  contact  the  software  maker  by  phone. 

It’s  a  different  story  at  NutriSystem,  where  customers 
liked  online  chat, says  Deborah  Gallen.vice  president  of 
operations  for  NutriSystem’s  e-commerce  site.  Nutri¬ 
System  offers  weight-loss  counseling  and  sells  prepack¬ 
aged  foods  from  its  physical  centers.The  company  also 
runs  a  call  center  at  its  Horsham,  Pa.,  headquarters. 

When  NutriSystem  set  up  its  Web  site,  the  company 
wanted  the  Web  environment  to  be  equally  interactive 
with  online  counseling, support  groups,  chat  rooms  and 
bulletin  boards. 

“Our  biggest  challenge  was  to  be  able  to  come  online 
and  duplicate  the  experience  of  being  able  to  talk  to  our 


clients  in  a  personalized,  private  manner  Gallen  says. 

Agents  use  Divine’s  NetAgent  suite  to  view  customer 
information,  engage  in  online  chat  and  respond  to  email. 
Divine’s  Expressions  software  powers  five  online  forums 
and  one  chat  room.  NetAgent’s  thin  client  makes  it  easy 
to  deploy  remote  agents,  Gallen  says.  Some  of  her  staff 
work  onsite  at  the  call  center,  others  work  from  home. 

NetAgent  and  Expressions  are  the  only  third-party  soft¬ 
ware  NutriSystem  uses,  Gallen  says. 
Everything  else  is  custom  built  in- 
house.  The  software  is  tied  to 
NutriSystem’s  proprietary  systems  so 
remote  counselors  can  gain  access  to 
back-end  databases  and  customer 
information. 

Agents  can  be  more  productive 
with  online  chat,  because  they  can 
have  more  than  one  session  going  at 
once,  Gallen  says.  But  it  also  poses  dif¬ 
ficulties  in  that  online  chat  relation¬ 
ships  are  different  from  phone  con- 
versations.’Tone  of  voice  is  tough  to 
read, so  we  have  to  be  careful,” she 
says. 

NetAgent  scripting  features  help. 
Plus  NutriSystem  agents  have  learned 
to  control  chat  conversations  by  typing 
short,  three-  or  four-word  messages  to  avoid 
the  problem  of  everybody  writing  at  one 
time  and  nobody  waiting  for  answers, 
Gallen  says. 

Driving  Affina’s  call  center  overhaul  is  the 
need  for  better  systems  integration. The 
Peoria,  111.,  company  provides  contact  cen¬ 
ter  outsourcing  for  customers  including  Panasonic, 
Kellogg’s,  Acura  and  Energizer. 

The  company  took  a  best-of-breed  approach  to  soft¬ 
ware  in  the  past,  says  Victor  Burgess,  vice  president  and 
general  manager  of  alliances.  Affina  selected  applica¬ 
tions  based  on  functionality  and  deployed  them  on 
independent  servers. 

As  a  result,  Affina  wound  up  with  more  than  15  different 
applications  running  on  five  different  CRM  platforms  — 
four  commercial  systems  and  one  homegrown  system  — 
plus  the  associated  IT  costs  for  maintaining  each.The 
problem  was  that  information  didn’t  move  smoothly 
between  applications, says  Steve  Gonzalez,  executive  vice 
president  of  sales  and  marketing. 

Last  spring,  Affina  decided  to  migrate  its  disparate  CRM 
systems  to  one  platform  to  provide  customers  with  better 
data  in  a  more  timely  way  and  ease  its  own  IT  burden. 
Affina  chose  Oracle’s  E-Business  Suite  and  is  in  the 
process  of  moving  its  customers  to  the  new  system. 

The  biggest  change  will  be  the  opportunity  to  provide 
better  real-time  analytics,  Burgess  says.“It’s  not  just  about 
answering  the  telephone.  It’s  also  providing  some  analysis 
of  what  we’re  seeing  with  call  flow,  what  we’re  learning 
about  the  client,  and  what  we’re  learning  about  opportu¬ 
nities  for  generating  revenue,”  he  says. 

Gonzalez  says  customers  are  looking  for  more  auto¬ 
mated  voice  and  speech  technology,  and  Web  technol¬ 
ogy  to  provide  self-service  options.  Oracle’s  suite  will 
help  Affina  provide  a  more  integrated  Web  interface  to 
clients,  he  says.B 
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PLAY 


1  ]  WIN  WITH  INTEGRATION:  Nothing  fishy  about  it.  For  an  e-business 
to  thrive,  all  your  business  processes,  from  supplier  to  customer,  must 
work  together  seamlessly.  It’s  the  key  to  a  profitable  infrastructure. 

2]  WIN  WITH  WEBSPHERE:  As  the  world’s  #1  integration  software, 
WebSphere  is  the  leading  software  platform  for  integrating  business 
processes,  applications,  platforms  and  people.  WebSphere.  Part  of 
our  software  portfolio  including  DB2?  Lotus®  and  Tivoli.® 

3]  MAKE  THE  PLAY:  Visit  ibm.com/websphere/integrate  and 
see  a  Webcast  on  how  WebSphere  can  help  cut  integration  costs. 


Finally  -  the  missing  piece! 


Today's  ever-growing  data  centers  make  it  harder 
than  ever  to  get  hands-on  control  of  all  your  servers 
and  network  devices.  Now  you  can  have  direct 
access  to  every  device  in  your  data  center  from  any 
location,  all  from  a  single  screen.  Manage  and  maintain 
servers  in  your  local  rack  or  across  the  world. 


Total  system  control  over  analog  or  IP  connection 
means  complete  ‘at  the  computer’  troubleshooting 
from  anywhere. 

Now  it’s  all  falling  into  place.  Avocent's  advanced 
analog  and  digital  KVM  solutions  -  the  perfect  fit 
for  the  server  room  and  enterprise. 


For  the  complete  picture,  download  a  free  KVM  Tech  Guide  today  at 
www.kvmguide.com  or  call  1 -866-AVOCENT  (286-2368),  ext.  3005. 


Avocent  the  Avocent  logo,  “The  Power  of  Being  There",  “KVM  over  IP",  DSR,  DSView.  DS1800,  and  CPS  are  trademarks  of 
Avocent  Corporation.  All  other  marks  are  the  property  of  their  respective  owners.  Copyright  £  2002  Avocent  Corporation. 
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AT&T  to  host  key  federal  Web  portal 


■  BY  CAROLYN  DUFFY  MARSAN 

AT&T  hopes  to  raise  its  profile  in  the 
Web  hosting  market  following  its  recent 
win  of  a  high-visibility  contract  to  support 
the  federal  governments  Web  portal, 
FirstGov.gov,  which  is  one  of  the  most  vis- 


■  Global  IP  service  provider  Equant 
recently  signed  a  deal  with  content 
delivery  network  system  maker 
ActiVia  Networks,  moving  Equant 
a  step  closer  to  launching  its  global 
managed  CDN.  Equant  plans  to 
launch  the  service  late  this  year  or 
early  next  year.  ActiVia's  equipment 
will  let  Equant  route  users  on  the  net¬ 
work  to  the  server  nearest  them  and 
push  updated  content  to  servers  on 
the  network.  This  will  let  subscribers 
to  the  service  use  their  bandwidth 
more  efficiently. 

■  WorldCom  last  week  enhanced  its 
Global  Managed  VPN  service 

with  a  series  of  new  offerings.  The 
enhancements  include  a  new  plat¬ 
form  for  WorldCom’s  IP  VPN  ded¬ 
icated  service;  an  IP  VPN  remote 
access-to-frame  offering  that  lets 
telecommuters  access  frame  net¬ 
works  through  WorldCom's  IP  back¬ 
bone;  and  DSL  and  Ethernet  VPN 
access.  DSL  speeds  up  to  1M  bit/sec 
are  available  and  Ethernet  offerings 
let  users  establish  connections  of  up 
to  40M  bit/sec. 

■  Demand  for  wavelength  ser¬ 
vices  will  show  steady  growth  over 
the  next  several  years,  driving  the 
market  to  $1.6  billion  in  revenue  by 
2006,  according  to  a  recent  study  by 
Gartner.  Revenue  for  wavelength  ser¬ 
vices  should  be  $705  million  this  year, 
up  22%  from  2001,  the  study  says. 
The  biggest  growth  sector  for  wave¬ 
lengths  will  be  the  metropolitan  mar¬ 
ket,  which  the  study  predicts  will 
account  for  32%  of  the  overall  wave¬ 
length  market  by  2006,  up  from  20% 
in  2002. 


ited  sites  on  the  Internet. 

Receiving  more  than  50  million  hits  last 
year,  FirstGov.gov  is  the  central  location 
for  U.S.  citizens  to  access  online  informa¬ 
tion  about  a  variety  of  government  ser¬ 
vices,  including  passports,  taxes,  student 
loans,  benefits,  auctions  and  national 
parks.  The  popular  site  catalogs  more 
than  51  million  federal,  state  and  local 
government  Web  pages. 


AT&T  will  host  the  FirstGov.  site  on  two 
of  its  18  Internet  data  centers  worldwide. 
AT&T  also  will  design  and  deploy  a  suite 
of  managed  security  services,  including 
firewalls,  intrusion  detection,  risk  assess¬ 
ment  and  business-continuity  planning. 

The  federal  government’s  General  Ser¬ 
vices  Administration  last  month  awarded 
AT&T  a  four-year,  $7.6  million  contract  to 
host  FirstGov.gov.  AT&T’s  partners  on  the 


RBOC  struggles  seen 
putting  a  drag  on  services 


■  BY  MICHAEL  MARTIN 

BellSouth’s  recent  earnings-projection 
cut  is  only  the  latest  in  a  litany  of  finan¬ 
cial  woes  for  the  four  regional  Bell  oper¬ 
ating  companies  that  could  be  putting  a 
crimp  on  service  rollouts  and  customer 
service. 

Unlike  many  of  the  interexchange  carri¬ 
ers  and  competitive  local  exchange  carri¬ 
ers  (CLEC),  none  of  the  RBOCs  —  Bell¬ 
South,  Qwest,  SBC  Communications  and 
Verizon  —  has  filed  for  bankruptcy  But 
they  obviously  are  not  reaping  the  bene¬ 
fits  of  competing  against  fewer  players. 

“You’ll  see  their  [service]  rollout  plans 
delayed  somewhat,” says  Sandra  Palumbo, 
an  analyst  with  The  Yankee  Group. 

New  services  such  as  IP  VPNs  and  met¬ 
ropolitan  Ethernet  offerings  will  almost 
certainly  be  rolled  out  later  than  they 
would  have  been  if  the  RBOCs  were  still 
performing  well  financially,  Palumbo  says. 

“They’re  going  to  make  sure  the  demand 
is  there  first,  before  they  offer 
anything, ’’she  says. 

Courtney  Munroe,  an  analyst  with  IDC, 
says  the  RBOCs’  financial  woes  shouldn’t 
have  any  immediate  effect.  However,  the 
ongoing  difficulties  do  indicate  that  the 
RBOCs  aren’t  likely  to  begin  any  sort  of 
recovery  before  year-end,  he  says. 

In  its  revenue  warning,  BellSouth  re¬ 
duced  its  earnings-per-share  projection 
from  $2.13  to  $2.06.  The  move  followed  a 
previous  projection  cut  in  July  when  Bell¬ 
South  announced  its  second-quarter 
earnings  slid  from  $800  million  in  the 
year-ago  quarter  to  $293  million. 

The  other  three  RBOCs  also  have  had  a 
rocky  year. 


Bells  getting  rung 

None  of  the  Baby  Bells  has  had 
to  file  for  bankruptcy  like  some 
of  their  competitors,  but  their 
financial  news  hasn’t  been 
pretty. 

BellSouth:  Cut  its  2002  earnings 
projection  in  August. 

SBC:  Second-quarter  earnings  fell  more 
than  10%  from  the  year-ago  quarter. 

Verizon:  Cut  back  its  2002  earnings 
projection  in  July. 

Qwest:  Uncovered  accounting  errors  in 
July  that  have  delayed  its  second-quarter 
report  and  will  lead  to  $1.6  billion  in 
restated  earnings. 


In  July,  Qwest  uncovered  more  than  $1 
billion  in  improper  accounting  that  has 
caused  the  RBOC  to  go  over  its  books 
from  1999  to  2001  and  delay  its  second- 
quarter  report. 

Verizon  met  financial  analyst  expecta¬ 
tions  with  its  second-quarter  results,  but 
lowered  its  2002  earnings  projection. 

SBC  beat  Wall  Street’s  earnings  target  in 
the  second  quarter,  but  the  company’s 
second-quarter  earnings  of  $1.8  billion 
were  down  more  than  10%  from  a 
year  ago. 

The  poor  results,  combined  with  last 
year’s  showing,  have  resulted  in  job  cuts. 

After  eliminating  29,000  positions  in 
2001, Verizon  announced  another  10,000 
cuts  in  March.  In  May,  SBC  announced 

See  RBOC,  page  38 


contract  include  Sun,  Oracle  and  Mer¬ 
cury  Interactive. 

“It’s  a  great  deal  for  AT&T”  says  Carrie 
Lewis,  an  analyst  at  The  Yankee  Group. 
“They  are  becoming  a  stronger  player  in 
Web  hosting.  They ’re  one  of  the  most  stable 
players  in  the  Web  hosting  marketplace, 
and  this  contract  is  indicative  of  that  fact." 

Lewis  says  AT&T  should  be  able  to  lever¬ 
age  the  FirstGov.gov  win  in  the  government 
sector,  which  has  a  growing  need  for  Web 
hosting,  and  in  the  highly  competitive 
commercial  sector. 

“They  are  going  to  have  to  build  some 
sort  of  ironclad  security  platform  for  the 
federal  government,’’ Lewis  says.“lf  they  can 
build  this  platform  and  deliver  it,  then  they 
can  repackage  it  and  offer  it  to  other  indus¬ 
tries.” 

That’s  exactly  AT&T’s  plan,  according  to 
company  officials. 

‘AT&T  is  not  top-of-mind  for  Web  hosting,” 
says  Don  Teague,  vice  president  of  civilian 
sales  for  AT&T  Government  Solutions. “For 
most  government  agencies  and  most  com¬ 
mercial  [accounts],  if  they  made  a  list  of 
the  top  five  firms  in  hosting  ...we  wouldn’t 
show  up  very  often.That’s  too  bad  because 
we  have  a  phenomenal  capability  borne  of 
our  huge  network.” 

AT&T  plans  to  use  the  FirstGov  contract 
to  help  deliver  the  message  that  Web  host¬ 
ing  is  a  core  capability  for  company 

“Why  are  we  so  heavily  invested  in  this 
and  why  are  we  getting  so  good  at  this? 
Because  so  many  of  our  customers  are 
going  to  hosting, ’’Teague  adds. 

“We  will  provide  a  very  secure  network 
environment  as  well  as  the  physical  envi¬ 
ronment,”  he  says.  “You  almost  can’t  talk 
about  hosting  without  talking  about  secur¬ 
ity  so  we’ve  put  together  an  integrated 
approach. ..  .With  FirstGov, you’d  be  fooling 
yourself  to  provide  this  kind  of  connectiv¬ 
ity  without  security’ 

AT&T  was  the  incumbent  contractor  on 
the  hosting  bid  because  its  subsidiary, 
GRC  International,  designed  the  original 
FirstGov  site  in  the  fall  of  2000.  Last  March, 
AT&T  won  a  separate  five-year,  $10  million 

See  AT&T,  page  38 
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If  you’re  like  most  network  executives,  it's 
been  a  long  time  since  you’ve  gotten  a 
thrill  from  your  work.  Between  the 
gloomy  stock  market,  reductions  in  work¬ 
force,  and  the  financial  (and  ethical)  woes 
of  your  service  providers,  it’s  hard  to 
remember  the  excitement  and  wonder  you 
once  felt  about  the  power  of  networks.  As 
one  network  executive  told  me  recently“It 
just  seems  like  all  the  fun’s  gone  out  of  net¬ 
working  technology’ 

We’ve  all  gotten  more  jaded,  I’ll  admit  (or 
maybe  just  older).  But  although  the  spark 
may  have  flickered, it  hasn’t  gone  out. While 
you’ve  kept  the  circuits  up,  systems  stable 


Service  Providers _ 

Rekindling  the  thrill  of  networking 


and  applications  flowing  smoothly,  others 
have  been  thinking,  talking,  and  writing 
about  the  ’Net  and  its  effect  on  the  world. 

Here  is  an  annotated  list  of  the  best  net¬ 
work  technology-related  creative  work  that 
I’ve  found,  passed  along  in  the  hope  it  will 
remind  everyone  why  we  got  into  the  field 
in  the  first  place.  (Disclaimer:  Neither  my 
company  nor  I  have  any  affiliation  with  the 
creators  of  these  works,  and  the  opinions 
reflected  are  solely  my  own.) 

Books.  You  should  definitely  check  out 
Linked :  The  New  Science  of  Networks  by  Al- 
bert-Laszlo  Barabasi).  I  guarantee  you  that 
the  time  spent  reading  it  will  be  among  the 
most  entertaining,  mind-expanding,  and 
thought-provoking  hours  you’ll  spend  this 
fall.  Despite  the  title,  there’s  nothing  deeply 
technical  about  the  topic,  although  the 
author  is  a  practicing  scientist  and  formu¬ 
las  are  provided  for  the  mathematically 
minded.The  author  takes  some  fundamen¬ 
tal  concepts  and  applies  them  to  a  stagger¬ 


ing  array  of  real-world  scenarios,  including 
gossip  at  cocktail  parties,  viral  epidemics 
and  the  Internet’s  putative  resilience. 

Science-fiction  buffs  also  should  be  sure 
to  catch  Cryptonomicon  by  Neal  Stephen¬ 
son.  It’s  a  wonderfully  twisted  tale  that  links 
World  War  II  encryption  with  the  decline 
and  fall  of  a  late  20th  century  dot-com  — 
rather  prescient  for  a  book  that  came  out 
in  1999.  I’ve  been  a  Stephenson  fan  since 
Zodiac  (another  great  read  that  predates 
his  pioneering  novel,  Snow  Crash).  If  you 
like  hard  science  fiction,  you  will  like  his 
work,  too. 

Comics.  You  can’t  possibly  miss  “Helen, 
Sweetheart  of  the  Internet,”  stalwart  de¬ 
fender  of  geekdom  everywhere  and  one  of 
the  few  comic  heroes  who  understands 
the  difference  between  Ethernet  and  ATM. 
Who  else  would  trade  two  Bob  Metcalfe 
cards  for  a  Vint  Cerf  (see  the  Aug.  12,2001, 
issue)?  If  she’s  escaped  your  notice  before, 
take  a  look  at  www.ucomics.com/helen). 
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Essays.  Every  now  and  then  someone 
crafts  a  thought-provoking,  well-reasoned 
piece  about  the  affect  of  the  ’Net  on  busi¬ 
ness.  Singer-songwriter  Janis  Ian  recently 
put  together  a  pair  of  essays  about  the  busi¬ 
ness,  and  the  philosophical  and  social 
implications  of  online  music  downloads. 
Unlike  most  opinion  pieces  on  the  topic, 
these  are  well-researched,  heavily  docu¬ 
mented,  and  logically  coherent  —  and 
applicable  to  many  other  forms  of  online 
intellectual  property  (such  as  software). 
These  are  “must  reads.”You  might  not  agree 
with  her  conclusions,  but  these  essays  will 
make  you  think.  See  www.janisian.com/ 
article-internet_debacle.html  and  www 
.janisian.com/article-fallout.html. 

Johnson  is  senior  nice  president  and 
CTO  for  Greenwich  Technology  Partners,  a 
network  consulting  and  engineering  firm. 
She  can  be  reached  at  johna@green 
wichtech.com. 


Open  source  group  releases 
telephony  services  platform 


AT&T 

continued  from  page  37 

contract  to  upgrade  the  search  capabili¬ 
ties  of  the  FirstGov  site.  AT&T  will  be  earn¬ 
ing  about  $3.9  million  per  year  to  support 
the  FirstGov  site  over  the  next  four  years. 

Having  captured  the  FirstGov  contracts, 
AT&T  is  positioning  itself  to  pursue  other 
e-government  initiatives.  The  Bush  admin¬ 
istration  has  identified  24  high-priority  e- 
government  initiatives,  including  a  digital 
signature  project  called  E-Authentication 
and  a  portal  for  grant  recipients  and  grant¬ 
making  agencies  called  E-Grants.  AT&T 
officials  say  they  plan  to  pursue  many  of 
these  opportunities. 

“The  key  thing  [with  FirstGov]  is  its  im¬ 
portance  in  the  president’s  e-government 
initiatives  and  how  this  site  is  being  lever¬ 
aged  into  the  ongoing  24  initiatives,”  says 
Chris  Stelter.a  director  of  sales  engineering 
for  AT&T  Government  Solutions,  who  runs 
the  FirstGov  program.  FirstGov  is  “one  of  the 
linchpins.” 

“Over  time,  FirstGov  will  become  the 
place  for  a  lot  of  e-government  transac- 
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5,000  job  cuts  and  BellSouth  revealed  it 
would  be  cutting  between  4,000  and 
5,000  positions. 

After  announcing  7,000  cuts  in  De¬ 
cember,  Qwest  has  not  made  any  more 
large  cutbacks.  But  the  company  has 
trimmed  small  numbers  of  workers  region¬ 
ally'  throughout  the  year. 

There’s  no  obvious  way  to  tell  if  the  cut¬ 
backs  at  the  RBOCs  are  affecting  customer 
service.  But,  Palumbo  says  job  cuts  often 
affect  service  levels.  She  says  enterprise 
customers  were  disenchanted  with  the  ser¬ 
vice  they  were  getting  from  the  RBOCs 
even  before  the  latest  cuts. 

In  a  survey  of  171  large  business  cus- 


Poised  for  growth 

Estimated  growth  for  the 
federal  government’s  Web 
hosting  expenditures: 

2002  |  $1  billion 


Statistics  include: 

•  Web  hosting  and  collocation. 

•  Managed  Web  hosting. 

•  Application  support. 

•  Remote  storage. 

•  Network  support. 

SOURCE:  PRAXIS  SOLUTIONS 

tions,”  says  Cynthia  Shockley  vice  presi¬ 
dent  of  consulting  at  Federal  Sources,  a 
Vienna,  Va.,  market  research  firm.  “Ap¬ 
plications  like  E-Grants  will  need  to  be 
secure,  so  I  can  certainly  see  the  need  for 
upgrading  the  security. .  .This  [contract]  is 
a  coup  for  AT&T.”  ■ 


tomers  at  the  start  of  the  year,  Qwest  led  the 
RBOCs,  with  58%  of  businesses  surveyed 
saying  they  were  satisfied  or  very  satisfied 
with  Qwest’s  customer  service. 

“That’s  not  a  very  good  figure,  given  that 
the  enterprise  market  segment  is  a  key  cus¬ 
tomer  base  for  the  RBOCs,”  Palumbo  says. 

There  are  several  reasons  for  the  RBOCs’ 
struggles. 

The  poor  economy  is  definitely  having  an 
effect.  Although  the  RBOCs  competed  with 
many  of  the  CLECs  that  have  disappeared, 
they  also  sold  services  to  them. 

Another  major  factor  is  a  regulatory  envi¬ 
ronment  that  hurts  the  RBOCs,  says  Thomas 
Nolle,  president  of  consulting  firm  CIMI 
Corp.and  a  Network  World  columnist. 

“There’s  no  question  that  regulators  have 
done  a  tremendous  disservice  to  the 


■  BY  STEPHEN  LAWSON 

The  GNU  free  software  project  has 
released  the  first  complete  version  of  its 
platform  for  telephony  services  applica¬ 
tions,  the  group  announced  last  week. 

On  the  new  software  platform,  called 
GNU  Bayonne  Version  1 .0,  developers  can 
write  open  source  applications  for  phone 
system  functions  such  as  call  direction, 
voice  prompts,  voice  mail  and  automated 
order  processing.  Although  it  was  devel¬ 
oped  with  companies  in  mind,  carriers  also 
can  use  it  as  the  basis  for  applications  such 
as  customer  voice  mail  and  prepaid  cell 
phone  services,  according  to  David  Sugar, 
head  of  the  GNU  Bayonne  project.  He  also 
is  the  CTO  of  Open  Source  Telecom,  which 
has  provided  commercial  sponsorship  of 
GNU  Bayonne  development. 

“Any  type  of  voice  application  that  re- 


industry/  he  says. 

The  Telecommunications  Act  of  1996 
asked  the  RBOCs  to  do  too  much,  Nolle 
says.  Not  only  did  it  ask  them  to  move  from 
a  regulated  market  to  an  open  market,  it 
forced  the  RBOCs  to  invest  in  new  infra¬ 
structure  that  had  to  be  shared  with  com¬ 
petitors  at  below-market  rates. 

“It  makes  no  sense  that  they  have  to  mod¬ 
ernize  their  networks  but  competitors  can 
piggyback  on  them  at  no  risk,”  he  says. 

Michael  Fbwell,  chairman  of  the  Federal 
Communications  Commission,  has  talked 
about  easing  some  of  the  regulatory  restric¬ 
tions  on  the  RBOCs  but  hasn’t  done  any¬ 
thing  significant  up  to  this  point,  Nolle  says. 
Any  regulatory  changes  made  now  would 
be  too  late  to  help  the  RBOCs  plan  for  next 
year,  he  adds.  ■ 


quires  application  programming  logic  can 
be  [created  with]  Bayonne  todayf  Sugar 
says. 

The  GNU  Project  is  a  volunteer  effort  by 
developers  around  the  world, sponsored  by 
the  Free  Software  Foundation  (FSF),to  cre¬ 
ate  a  full  operating  system  that  can  be  freely 
distributed.  GNU  makes  its  software  avail¬ 
able  under  the  GNU  General  Public 
License,  which  lets  developers  view  and 
modify  the  source  code  of  the  software  as 
long  as  they  make  their  modifications  freely 
available  to  other  users.  GNU  Bayonne  is 
part  of  GNU  Enterprise,  a  subset  of  the  GNU 
operating  system,  which  is  based  on  the 
Linux  kernel. 

Free  software  not  only  saves  companies 
and  service  providers  money  but  also  lets 
them  adapt  a  piece  of  software  to  their 
needs,  a  big  benefit  in  telecom,  Sugar  says. 

Support  for  telecom  platforms  based  on 
free  software  and  standard,  interchange¬ 
able  hardware  components  is  coming  from 
several  companies.  Earlier  this  year,  vendors 
including  Intel,  Cisco,  IBM  and  Hewlett- 
Packard  announced  a  working  group  to 
develop  and  promote  a  version  of  Linux 
that  meets  service  providers’  reliability  stan¬ 
dards.  In  addition,  a  new  version  of  the 
Compact  PCI  hardware  interface  may  make 
it  possible  for  users  to  mix  and  match  tele¬ 
com  switch  and  server  components. 

The  developers  of  GNU  Bayonne  paid 
attention  to  the  emerging  carrier-class 
Linux  code  as  they  developed  the  telepho¬ 
ny  software  and  intend  to  make  it  compat¬ 
ible  with  carrier-class  Linux,  Sugar  says. 

GNU  Bayonne  can  be  downloaded  from 
ftp://ftp.gnu.org/gnu.bayonne/. 

Lawson  is  a  correspondent  for  the  IDG 
News  Service ’s  San  Francisco  bureau. 
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Meet  the  Passport 
8600  Routing  Switch. 

Let’s  talk  availability  -  with  industry  leading  reliability,  increased 
scalability  and  integrated  QoS,  all  wrapped  up  in  a  fault  tolerant 
chassis,  we're  talking  some  serious  hardware.  Couple  that  with  a 
variety  of  10/100,  Gigabit  Ethernet,  10  Gig  Ethernet,  Packet  over 
SONET,  and  ATM  ports  and  you  begin  to  see  why  we're  so 
passionate  when  we  talk  about  delivering  world  class  mission 
critical  reliability  for  Enterprise  networks.  From  the  physical  to  the 
logical,  we've  designed  all  aspects  of  this  product  to  be  easy  to 
install,  operate  and  maintain.  It’s  designed  to  provide  protection 
strategies  at  multiple  levels  to  deliver  five  9s  reliability.  And  talk 
about  flexible  -  the  Passport™  8600  is  available  in  four  different 
chassis  options  so  from  small  Enterprise  to  Service  Provider  and 
limited  rack  space  to  highest  density  we  have  you  covered. 
To  learn  more  about  the  Ethernet  switching  capabilities  Passport 
8600  enables,  visit  nortelnetwoks.com/passport8600. 
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iHifoes  your  remote  access  leave  you  a  little...  exposed? 
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For  enterprise:class  security,  access  and  management,  Fiberlink  has  you  covered. 

Just  how  secure  is  your  remote  access?  How  dependable  is  it?  How  hard  is  it  to  manage?  If  you  want  easy  answers  to  these 
tough  questions,  you  need  Fiberlink.  •  Only  Fiberlink  delivers  a  level  of  integrated  security,  access  and  management  that  optimizes 
remote  access  —  anytime,  anywhere.  The  confidence  of  policy-enabled  remote  access,  with  integrated  authentication,  intrusion 
detection,  VPN,  distributed  firewall  and  virus  protection.  And  robust  tools  that  give  end-users  easy  access  and  administrators 
fewer  headaches.  *  It's  no  wonder  that  leading  industry  analysts  recommend  Fiberlink  to  their  clients.  Did  we  also  mention  that 
our  customers  typically  reduce  their  costs  by  as  much  as  80%? 
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Learn  more  at  k  een  or  call  1-SQO-LINKN'  today.  Before  you  catch  something. 
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HP  readies  for  assault 
on  service  providers 

Now  that  Hewlett-Packard's  merger  with  Compaq  is  a 
done  deal,  the  company  is  moving  forward  rapidly  to 
build  on  its  already  considerable  business  with  service 
providers.  The  mantra  for  HP’s  network  and  service 
provider  division  is:  standards  and  Linux.  The  company  hopes  to  profit 
from  the  trend  to  drive  proprietary  hardware  and  software  out  of  carrier 
networks  and  to  convince  service  providers  that  hardened  Linux  plat¬ 
forms  are  just  what  they  need  for  their  next-generation  networks. 
Recently  Network  World  Senior  Editor  Tim  Greene  had  a  conversation 
with  Sebastiano  Tevarotto,  HP's  vice  president  and  general  manager  of 
the  company’s  Network  and  Service  Provider  business  unit. 

What  is  your  vision  for  the  service  provider  unit  and  its  business  partners? 

It  is  for  an  open  standards  network  that  will  enable  services  to  be  quickly 
deployed,  and  hence  provisioned  to  customers,  and  managed  at  marginal  oper¬ 
ating  cost.  Those  services  will  be  developed  by  a  variety  of  entities,  not  just  by 
the  service  providers  or  HP  Openness  becomes  of  incredible  value  because 
service  providers  will  not  be  able,  as  they  were  in  the  past  with  voice  services, 
to  control  everything.They  need  to  create  this  open  entrance  where  any  clever 
company  that  has  a  service  that  delivers  value  to  customers  can  transition  in, 
pay  a  price  and  serve  some  customers. 


How  big  is  HP  with  service  providers? 

Some  of  our  OpenCall  signaling  middleware  has  more  than  3,600  installations 
around  the  world.  People  don’t  know  that  we  are  there.  A  significant  number  of 
prepaid  wireless  customers  are  served  over  the  prepaid  OpenCall  solution.  We 
are  kind  of  uniquely  positioned  because  of  the  IT  and  telco  knowledge  to 
solve  todays  and  tomorrows  needs  of  the  service  providers. We  have  more 
than  1,000  engineers  who  work  on  developing  these  technologies,  in  [research 
and  development]  .And  we  have  a  critical  mass  of  services  people  who  can 
join  forces  with  partners  to  take  solutions  directly  to  the  customers. 

What  important  products  have  resulted  from  the  merger? 

With  OpenView,we  were  going  into  the  area  of  network  management. 

By  bringing  together  [Compaq’s  Telecommunications  Management 
Information  Platform]  and  OpenView.we  are  years  ahead  of  any  competitor  in 
bringing  a  service  offering  that  allows  us  to  manage  IT  and  telecom  networks 
together.  Also,  the  new  Opencall  service-delivery  platform  is  an  area  where  both 
companies  were  going. 

With  the  service  delivery  platform, you  create  a  level  of  abstraction  that  sepa¬ 
rates  the  complexity  of  the  network  from  the  customer-facing  part  of  the  activity 
Hence, you  can  introduce  the  service,  and  then  the  service-delivery  platform 
takes  the  responsibility  to  interface  with  all  of  the  network  elements.The  result  is 
a  significant  cost  reduction  because  you  don’t  develop  things  several  times,  and 
more  importantly,  a  dramatic  reduction  in  time-to-market  for  the  services  because 
that  platform  is  standards-based.Once  the  services  you  have  comply  with  the 
standards, you  are  guaranteed  that  those  will  run  on  top  of  your  platform. 

Who  do  you  regard  now  as  your  competitors? 

There  is  not  a  competitor  now. We  are  pushing  open  standards, so  the  competi¬ 
tor  in  that  area  is  Sun  Solaris  and  the  proprietary  nature  of  Sun  Solaris.The  in¬ 
dustry  is  moving  into  Linux,  so  we  are  definitely  carrying  the  flag  of  developing 
carrier-grade  Linux  systems  and  using  Linux  extensively  Both  companies  were 
investing  in  Linux.  We’ve  merged  the  two  efforts  and  accelerated  things.  In  the 
carrier  grade,  HP  was  slightly  ahead.  ■ 


Report:  Telecom  market  still  slow 


Takes 


■  CommWorks,  the  carrier  equip¬ 
ment  arm  of  3Com,  announced  last 
week  that  its  voice-over-iP  gear  for 
service  providers  has  surpassed  10 
billion  minutes  of  VoIP  traffic  over 
carrier  networks.  CommWorks'  VoIP 
product  lineup  includes  the  Total 
Control  1000  Media  Gateway,  the 
4007  SS7  Signaling  Gateway  and 
the  7220  Accounting  Server.  VoIP 
systems  based  on  these  products 
are  installed  in  carrier  networks 
such  as  WorldCom's  and  China 
Unicorn’s.  Giga  Information  Group 
estimates  that  less  than  1%  of  the 
200  billion  minutes  of  world  tele¬ 
phone  traffic  will  be  carried  by  IP 
this  year. 


■  BY  PHIL  HOCHMUTH 

It  was  a  tale  of  two  markets  for  optical 
transport  and  multiservice  SONET  gear  in 
the  second  quarter,  Dell’Oro  Group  reports. 

The  revenue  from  long-haul  optical  gear 
shrank  greatly,  the  analyst  firm  says,  while 
demand  grew  slightly  for  multiservice 
SONET  boxes  that  deliver  bandwidth  man¬ 
agement  beyond  the  capabilities  of  tradi¬ 
tional  add-drop  multiplexers.  Revenue  for 
the  optical  transport  market  declined  19% 
from  the  first  quarter,  totaling  $1.9  billion  in 
the  second  quarter,  according  to  Dell’Oro, 
while  revenue  from  the  sale  of  SONET/SDH 
multiservice  systems  totaled  $336  million,  a 
2%  jump  from  the  first  quarter. 

Nortel  led  the  market  for  optical  transport 
gear,  despite  a  4%  drop  in  revenue  from  the 
previous  quarter  in  that  market.  Alcatel, 
with  revenue  growth  of  6%,  came  in  sec¬ 
ond,  while  Lucent  —  which  saw  its  sales  of 


optical  gear  drop  by  more  than  a  quarter 
from  the  first  quarter  —  ranked  third. 

For  the  optical  transport  market,  the  sec¬ 
ond  quarter  was  the  continuation  of  a  long, 
sad  story  The  market  for  long-haul  telecom 
gear  has  declined  every  quarter  from  a 
peak  of  $6.2  billion  in  the  fourth  quarter  of 
2000.This  69%  decline  over  the  last  six  quar¬ 
ters  reflects  the  broad  weakness  in  demand 
for  telecom  gear  from  carriers,  which  have 
cut  capital  expenditures  after  overextend¬ 
ing  their  capacity  over  the  last  few  years, 
according  to  Dell’Oro.  Slowing  customer 
demand  and  poor  financial  results  also 
have  contributed  to  weak  telecom  spend¬ 
ing  by  carriers,  the  analyst  firm  says. 

Growth  in  the  SONET/SDH  multiservice 
switch  segment  was  a  small  bright  spot  for 
carrier  gear  makers.  These  boxes  are  basi¬ 
cally  high-density  add-drop  multiplexers 
with  the  ability  to  manage  bandwidth 
among  multiple  SONET  rings. 


Dell’Oro  says  demand  for  datacom  ser¬ 
vices  from  corporations  is  driving  demand 
for  SONET/SDH  multiservice  gear,  which 
can  provision  services  more  efficiently 
than  previous-generation  add-drop  multi¬ 
plexers. 

Three  vendors  each  took  about  a  quarter 
of  the  revenue  for  this  equipment,  as 
Alcatel  led  with  28%,  followed  by  Nortel  at 
25%  and  Cisco,  which  garnered  22%  of 
sales.  ECI  Telecom’s  Lightscape  Networks 
division  scooped  up  the  largest  share  of 
what  was  left,  with  8%. 

While  the  fortunes  of  carriers  and  carrier 
equipment  makers  are  sagging, people  and 
businesses  are  not  using  the  Internet  any 
less,  just  less  than  previously  expected, ana¬ 
lysts  and  observers  say:  For  instance,  the 
London  internet  Exchange, Europe’s  largest 
’Net  hub,  says  its  average  backbone  utiliza¬ 
tion  —  around  12G  bit/sec  —  has  grown 
three  times  since  last  spring.  ■ 
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Marconi  looks  to  future 

Refinanced  debt  and  product  focus  may  help  turnaround. 


■  BY  TIM  GREENE 

LONDON  — When  you  think  of 
Marconi,  you  now  should  think 
only  of  switch  routers  and  opti¬ 
cal  gear. 

In  an  effort  to  regain  profitabil¬ 
ity,  the  company  had  revamped 
itself  to  focus  on  only  these  prod¬ 
ucts  and  to  get  rid  of  side  inter¬ 
ests  unrelated  to  these  areas.  It 
has  convinced  its  creditors  that 
this  is  the  route  to  success. 

Starting  in  January,  the  com¬ 
pany  will  wipe  clean  much  of  its 
$6  billion  in  debt, start  shopping 
around  some  of  its  divisions 
and  proceed  under  watchful 
eyes  of  the  banks  that  lent  it 
money  and  that  will  own  99.5% 
of  its  stock.  Unlike  many  other 
network  companies,  it  has  ac¬ 
complished  this  without  filing 
for  bankruptcy. 

With  the  reorganization  comes 
a  new  name  —  Marconi  Corp., 
replacing  Marconi  LLP  —  and  a 
more  modest  set  of  financial, 
goals.  Whereas  the  company  took 
in  $7  billion  in  its  last  full  fiscal 
year,  under  the  new  plan  its  goal 
will  be  only  $4  billion.  It  also 
hopes  to  profit  by  $199  million, 
which  is  a  stark  contrast  to  the 
$8.6  billion  loss  it  suffered  in  its 
last  fiscal  year. 

That  new  business  plan  calls  for 
reducing  research  and  develop¬ 
ment  from  12%  to  10%  of  sales,  a 
cut  that  is  compounded  because 
sales  projections  also  have  drop¬ 
ped.  R&D  money  will  drop  from 
$840  million  to  $400  million, 
based  on  figures  the  company 
has  released. 

This  new  financial  outlook 
stems  from  lessons  learned  after 
Marconi  got  caught  up  in  the  exu¬ 
berance  and  optimism  of  net¬ 
work  boom  times  and  borrowed 
too  much. 

“We  overextended  ourselves,” 
says  Joe  Pajer,  Marconi’s  execu¬ 
tive  vice  president  of  broadband 
routing  and  switching.  “We  sim¬ 
ply  borrowed  too  much  money 
and  spent  too  much  money 

Marconi  set  its  plan  to  trim 
down  the  company  last  spring 
and  has  worked  since  to  con¬ 
vince  the  banks  that  lent  it 
money  that  it  could  turn  itself 
around. The  creditors  decided  to 
give  the  company  a  chance, 
rather  than  sell  its  assets. 

"They  could  have  liquidated  us 
and  gotten  a  certain  amount  on 


Marconi  by  the  numbers 

Over  the  past  year,  Marconi  has  revamped  its  business 
structure  and  realigned  its  finances  in  an  attempt  to 
survive  long  term. 


Fiscal  2002  revenues  and  losses  Employees 

(in  billions)  (in  thousands) 


the  dollar,  or  looked  at  our  plan 
and  decided  whether  that  is 
going  to  produce  a  better  out¬ 
come  than  taking  us  to  liquida¬ 
tion,”  Pajer  says. 

Marconi’s  flagship  products  in 
North  America  will  continue  to 
be  its  multiservice  switch,  the 
BXR  4800,  which  combines  the 
properties  of  switches  and  rout¬ 
ers  as  a  hedge  against  the  types 
of  networks  service  providers 
build. This  switch  is  supplement¬ 
ed  by  other  gear  that  largely 
came  from  Marconi’s  purchase 
of  FORE  Systems  for  $4.5  billion 
in  1999. 

If  providers  choose  ATM  net¬ 
works,  for  instance,  the  BXR 
4800  can  switch  ATM.  If  pro¬ 
viders  choose  IP,  it  can  route  IP 
It  can  do  both  at  the  same  time 
and  bridge  the  two.  So  it  can 
take  in  ATM,  for  example,  but 
switch  the  traffic  and  put  it  out 
as  IP  or  Multi-protocol  Label 
Switched  packets. 

Outside  North  America,  where 
Marconi  claims  to  have  top  pen¬ 
etration  into  carrier  optical  net¬ 
works,  the  company  will  focus 
more  on  its  optical  gear  that 
ranges  from  add-drop  multiplex¬ 


ers  to  optical  cross-connects. 

When  the  new  company  name 
takes  effect  in  January,  Marconi 
will  look  to  sell  some  of  its  other 
ventures  including  its  medical 
systems,  commerce  systems  and 
data  systems  divisions.lt  also  will 
sell  some  real  estate  and  its  inter¬ 
est  in  an  Italian  lottery  company. 

This  financial  restructuring 
should  help  the  company  sell 
its  gear. 

“With  the  company  internally 
suffering  from  reorganization 
and  flagging  financial  results,  it 
will  be  hard  to  market  [its] 
advantage  to  carriers,”  Current 
Analysis  senior  analyst  Fintan 
O’Halloran  wrote  in  June. 

But  with  a  new  plan  for  prof¬ 
itability,  the  company  can  better 
convince  potential  customers 
that  it  will  be  around  for  the 
long  term. 

“This  financial  question  has 
been  a  black  cloud,”  Pajer  says. 

With  a  better  balance  sheet, 
the  company  may  be  able  to 
make  inroads  against  estab¬ 
lished  competitors  Alcatel,  Lu¬ 
cent,  Nortel  and  Siemens,  which 
have  had  financial  troubles  of 
their  own  ! 


Polaris  Networks 
wheels  out  its 
first  product 


■  BY  TIM  GREENE 

SAN  JOSE  —  Polaris  Networks 
this  week  will  introduce  its  next- 
generation  digital  cross-connect 
system  and  software  that  it  says 
will  reduce  the  provisioning  time 
for  popular  T-l  circuits. 

Called  the  Optical  Metro  Switch 
(OMX),  the  Polaris  box  will  sup¬ 
port  automated  provisioning  via 
its  IntelliOp  management  soft¬ 
ware.  Polaris  says  its  gear  will  re¬ 
duce  the  time  it  takes  to  provision 
these  circuits  from  weeks  or 
months  to  days  by  eliminating 
manual  steps. 

The  software  includes  a  net¬ 
work  planner  that  lets  engineers 
model  changes  to  the  network 
and  analyze  how  they  will  affect 
performance  before  implement¬ 
ing  them.  If  a  business  customer 
needs  to  add  a  major  connec¬ 
tion,  the  service  provider  can  dis¬ 
cover  the  impact  and  make 
appropriate  alterations  before  try¬ 
ing  to  turn  up  the  circuit. 

IntelliOp  also  supports  software 
upgrades  without  turning  off  the 
machines,  so  carriers  can  install 
software  revisions  without  inter¬ 
rupting  customer  service. 

OMX  is  smaller  than  traditional 
gear  and  has  a  switching  fabric 
that  will  support  ATM,  IP  Gigabit 
Ethernet,  SONET  and  TDM.  When 
it  ships  later  this  year,  it  will  sup¬ 
port  only  TDM  and  Synchronous 
Transfer  Mode  transport,  but  also 
will  support  other  protocols  by 
the  end  of  2003,  Polaris  says. 

The  device  can  act  as  a  bridge 
between  older  and  newer  equip¬ 
ment  in  carrier  nets  by  virtue  of 
supporting  multiple  protocols. 

Traditional  cross-connects  do 
not  have  the  ability  to  switch 
these  other  traffic  types.  Instead 
they  rely  on  gear  around  them  to 
do  so.  By  performing  the  func¬ 
tions  of  these  other  pieces  of 
equipment,  such  as  SONET  add- 
drop  multiplexers  and  ATM  con¬ 
centrators,  the  OMX  can  reduce 
the  amount  of  gear  in  provider 
networks.  This  approach  de¬ 
creases  the  capital  outlay  to  build 
a  network,  and  fewer  devices  to 
manage  means  lower  operating 
costs,  the  company  says. 

The  device  can  groom  circuits 
as  small  as  a  T-l  and  place  them 


on  the  appropriate  trunks.T-ls  are 
among  the  most  popular  circuit 
sizes  bought  by  businesses.  Con¬ 
tinued  demand  for  these  circuits 
drives  the  need  for  cross-con¬ 
nects  in  carrier  networks. The  de¬ 
vice  supports  OC-192  SONET 
trunks,  but  later  the  company  will 
introduce  DS-3  and  OC-3  trunks. 

The  new  device  will  compete  in 
some  aspects  against  other  new 
gear  from  Ciena  and  former  Ce¬ 
rent  gear  that  was  bought  by 
Cisco  in  1999.  It  also  competes 
against  cross-connects,  the  Titan 
5500  from  Tellabs  and  the  Alcatel 
1631.  Whereas  these  devices  take 
up  27  racks  to  support  1 ,024  ports 
of  STS-1,  an  OMX  supports  that 
same  number  in  a  half  rack.  One 
OMX  chassis  has  a  switching 
capacity  of  240G  bit/sec, and  con¬ 
necting  chassis  together  into  one 
logical  switch  can  boost  that  to  2 
terabit/sec. 

Multiple  OMX  chassis  are  con¬ 
nected  via  dedicated  intercon¬ 
nection  ports  that  don’t  eat  up 
trunk  ports.  When  linking  multi¬ 
ple  chassis’,  the  switch  cards  are 
installed  in  dedicated  chassis’ 
known  as  switch-matrix  chassis’, 
and  the  trunk  cards  are  placed 
in  chassis’  known  as  switch-inter¬ 
face  chassis’. 

OMXs  can  be  placed  in  ring 
configurations  on  existing  optical 
ring  networks  and  function  as  a 
SONET  add-drop  multiplexer  or 
in  meshed  configurations. 

The  company  is  working  to  get 
Operations  Systems  Modifica¬ 
tions  for  the  Integration  of  Net¬ 
work  Elements  certification  for 
the  switch,  which  will  mean  it  is 
interoperable  with  the  opera¬ 
tions  support  systems  used  by 
major  U.S.  local  carriers.  Polaris 
also  is  trying  to  get  New  Equip¬ 
ment  Building  System  3  certifi¬ 
cation  for  the  OMX  that  shows  it 
meets  the  physical  standards  re¬ 
quired  by  most  carriers. 

Polaris  was  founded  in  June 
2000  by  Ray  Kao,  who  earlier 
founded  TransMedia  (bought 
by  Cisco). 

The  company  has  $77  million 
in  backing  from  Redpoint,  Ven- 
rock  &  Associates,  Advanced 
Technology  Ventures  and  StoRM. 

Polaris:  www.polarisnetworks 
.com 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


ISCSI  delivers  storage  over  Ethernet 


HOW  IT  WORKS 


iSCSI 

iSCSI  uses  Ethernet  as  the  transport  for  data  from 
servers  to  storage  devices. 


Traditional  SCSI  traffic  is  sent  from  the  application  layer  of  the  server  to  the  driver  layer, 
where  an  iSCSI-enabled  network  interface  card  (NIC)  adds  the  iSCSI  protocol  to  the  traffic. 
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The  addition  of  the  iSCSI  protocol  lets  the  SCSI  traffic  be 
encapsulated  in  IP  packets  and  sent  across  an  Ethernet  network. 
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At  the  storage  device,  a  host  bus  adapter  (HBA)  decodes 
the  IP  packets  and  converts  the  traffic  back  to  SCSI. 


Storage 


■  BY  BRYCE  MACKIN 

iSCSI  is  a  block-level  storage  protocol 
that  lets  users  create  a  separate  storage 
network  using  Ethernet.  ISCSI  uses 
Ethernet  as  a  transport  for  data  from 
servers  to  storage  devices  or  storage-area 
networks. Because  iSCSI  uses  Ethernet,  it 
doesn’t  suffer  from  some  of  the  complex¬ 
ity  and  distance  limitations  that  encum¬ 
ber  other  storage  protocols. 

The  iSCSI  protocol  puts  standard  SCSI 
commands  into  TCP  and  sends  those  SCSI 
commands  over  standard  Ethernet.  An 
iSCSI  SAN  consists  of  servers  —  with  an 
iSCSI  host  bus  adapter  (HBA)  or  network 
interface  card  (NIC)  —  disk  arrays  and 
tape  libraries.  Unlike  other  SAN  technolo¬ 
gies,  iSCSI  uses  standard  Ethernet  switches, 
routers  and  cables,  and  the  same  Ethernet 
protocol  deployed  for  communications 
traffic  on  LANs  (TCP/IP).  It  can  take  advan¬ 
tage  of  the  same  type  of  switching,  routing 
and  cabling  technology  used  for  a  LAN. 

Because  iSCSI  uses  SCSI  commands,  rely¬ 
ing  on  Ethernet  only  to  transport  the  SCSI 
commands,  operating  systems  see  iSCSI- 
connected  devices  as  SCSI  devices  and  are 
largely  unaware  that  the  SCSI  device  re¬ 
sides  across  the  room  or  across  town. 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one  and  want  to  contribute  it  to  a 
future  issue,  contact  Features  Editor 
Neal  Weinberg  (nweinberg®  nww.com). 


Most  components  inside  these  iSCSI  de¬ 
vices  are  very  familiar  to  network  profes¬ 
sionals,  including  RAID  controllers  and 
SCSI  or  Fibre  Channel  drives.  The  only 
added  feature  is  the  iSCSI  protocol,  which 
can  be  run  on  standard  NICs  in  software  or 
on  specialized  iSCSI  silicon  or  HBAs  that 
off-load  the  TCP/IP  and  iSCSI  protocol. 

ISCSI  is  built  using  two  of  the  most  wide¬ 
ly  adopted  protocols  for  storage  (SCSI) 
and  networking  (TCP). Both  technologies 
have  undergone  years  of  research,  devel¬ 
opment  and  integration.  IP  networks  also 
provide  the  utmost  in  manageability  inter¬ 
operability  and  cost  effectiveness. 

When  SCSI  is  mapped  to  TCP/IP  through 
the  iSCSI  layer, SCSI  is  freed  from  its  parallel 


bus  structure,  letting  users  extend  network 
storage  using  Ethernet. 

SCSI  traffic  at  the  application  layer 
moves  to  the  physical  network  interface 
(either  an  NIC  using  software  or  an  HBA) 
then  out  over  the  Ethernet-based  SAN  to 
a  storage  device,  where  the  SCSI  com¬ 
mand  is  decoded  and  presented  to  the 
storage  operating  system. 

There  are  other  components  that  can  be 
added  to  an  iSCSI  SAN  to  facilitate  inclu¬ 
sion  of  other  storage  protocols.  These  de¬ 
vices  bridge  the  iSCSI  protocol  to  Fibre 
Channel  and  SCSI  devices.  Bridging  prod¬ 
ucts  let  users  deploy  an  iSCSI  SAN  without 
requiring  retrofits  to  the  entire  storage  in- 
frastructure.This  means  that  storage  can  be 


transitioned  to  become  iSCSI-compatible, 
and  the  existing  storage  can  stay  in  place. 

This  bridging  functionality  lets  users  pre¬ 
serve  their  existing  investment  while 
migrating  to  an  IP-based  SAN.  In  addition 
to  the  bridging  function,  some  of  the  pro¬ 
tocol-conversion  devices  also  can  provide 
switching  capability  This  means  that  these 
devices  can  bridge  iSCSI  to  another  proto¬ 
col  and  simultaneously  route  the  com¬ 
mand  to  the  appropriate  device. 

The  iSCSI  draft  specification  has  passed 
the  final  hurdle  on  its  journey  toward  rati¬ 
fication,  opening  the  door  for  vendors  to 
begin  shipping  products  based  on  the 
technology  blueprint. 

The  Internet  Engineering  Task  Force 
(IETF)  said  Wednesday  that  it  completed 
work  on  the  protocol  and  will  now  assign 
a  request  for  comments  number  to  it. 

Devices  such  as  iSCSI  HBAs,  iSCSI  disk 
arrays,  iSCSI  tape  and  iSCSI  to  Fibre 
Channel/SCSI  bridging  products  are  avail¬ 
able  today,  and  more  will  be  available 
throughout  this  year.  Most  of  the  products 
available  today  are  prestandard,  but  all 
have  undergone  rigorous  interoperability 
testing  to  ensure  that  they  work  in  accor¬ 
dance  with  the  standard. 

ISCSI  provides  IT  managers  with  a  new 
option  for  solving  increasing  storage  de¬ 
mands.  By  delivering  the  advantages  of 
SANs  using  a  familiar  and  ubiquitous 
Ethernet  infrastructure,  iSCSI  unifies  net¬ 
work  and  storage  deployment,  making 
SANs  available  to  the  masses. 

Mackin  is  IP  storage  product  manager/ 
iSCSI  subgroup  marketing  coordinator  at 
Adaptec.  He  can  be  reached  at  bryce_ 
mackin@adaptec.  com. 


Dr.  Internet  By  Steve  Blass 

We  recently  upgraded  our  mail  server  to  send- 
mail  8.11.6  and  bind-9.2.1  on  Solaris  Version  8 
from  sendmail  8.9.1  and  bind-4.9.3  on  Solaris 
Version  2.5.1.  The  Solaris  server  is  named 
ultra1.ourname.net,  and  before  the  upgrade 
there  were  no  problems.  Now  “uitral”  is 
appearing  on  the  e-mail  address  when  we  send 
e-mails  outside  our  network.  The  e-mail 
appears  as  “address@ultra1.ourname.net,” 
which  didn't  happen  with  the  old  version.  We 
checked  and  changed  all  the  sendmail.cf  files 


by  adding  a  CM  line  and  DM  line  into  the  cf  file 
to  masquerade  all  the  names  to  locus.net,  but 
that  didn't  work. 

Configuring  sendmail  has  changed,  and  you 
may  not  get  the  desired  results  simply  by  edit¬ 
ing  the  DM  line  in  sendmail.cf.  An  article  at 
sendmail's  Web  site  (see  www.nwfusion.com, 
DocFinder:  2135)  says  “Configuration  files  are 
contained  in  the  subdirectory  ‘cf  with  a  suffix 
'.me'.  They  must  be  run  through  'm4'  to  produce 


a  '.cf  file."  Set  the  MASQUERADE_AS  setting 
and  have  that  picked  up  by  the  sendmail  config. 
The  FAQ  and  cf-README  files  provide  detailed 
instructions.  Additional  Sun  sendmail  informa¬ 
tion  is  available  from  DocFinder:  2136  and  2137 
that  describes  a  solution  to  a  similar  mas¬ 
querading  problem  in  Sun's  SMI  sendmail. 

Blass  is  a  network  architect  at  Change® 
Work  in  Houston.  He  can  be  reached  at 
dr.internet@changeatwork.com. 
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This  week,  an  old  Internet  favorite  —  a 
technology  that  is  pervasive  on  the 
Web,  old  as  the  hills  (at  least  by 
Internet  standards)  and  fairly  misunder¬ 
stood. The  technology  in  question  is  cook¬ 
ies,  those  little  nuggets  of  data  that  are 
ignored  by  most  and  considered  to  be  “the 
end  of  civilization  as  we  know  it”  by  some. 

Cookies  are  tiny  chunks  of  data  that  Web 
sites  hand  to  and  receive  from  your  Web 
browser  in  an  effort  to  track  your  travels, tag 
your  hopping  to  make  you  statistically  sig¬ 
nificant  or  created  to  make  your  prefer¬ 
ences  available  on  subsequent  visits. 

The  way  cookies  are  created  is  simple: 
When  your  browser  makes  a  request  to  a 
Web  server  the  server  replies  and  a  special 
field  in  the  response  header  instructs  your 
browser  to  store  the  cookie  data  supplied 
by  the  server.  Here’s  what  the  header  of  a 
server  response  looks  like  when  it  includes 
a  cookie  setting  request: 

HTTP/1.1  200  OK 

Date:  Wed,  04  Sep  2002  20:20:13  GMT 


Cookie  cookery 

Server  Apache/1.3.12  (Unix)  mod_ssl/ 
2.6.6  OpenSSL/O.9.6  mod_fastcgi/2.2.10 
Set-Cookie:  Apache=63.207.158.10. 

289511031170813230;  path=/;  expires=Fri, 
03-Sep-04  20:20:13  GMT 
Connection:  close 
Content-Type:  text/html 
This  header  is  from  a  request  for  the  root 
page  of  Network  World’s  Web  server,  www. 
nwfusion.com,  and  the  tool  we  used  was 
Ipswitch’s  WS_Ping  ProP&k  ($37.50;  www. 
ipswitch.com/Products/WS_Ping/),  which 
has  a  feature  that  lets  you  retrieve  Web 
pages  as  plain  text  (among  other  things). 

By  now  you’ve  probably  figured  out  that 
the  header  line  that  is  relevant  to  us  is  the 
one  starting  “Set-Cookie:.”  This  is  a  request 
that  tells  a  cookie-compliant  browser  to 
take  the  data  following  the  request  and  cre¬ 
ate  a  file  to  store  it  in. 

The  name  of  the  cookie  file  is  up  to  the 
browser  implementer  —  Microsoft  Internet 
Explorer  under  Windows  names  cookie 
files  by  appending  the  second-level 
domain  name  from  the  server’s  URL  to  the 
current  user’s  name.  Thus,  our  cookie  for 
Network  World  Fusion  is  named 
gearhead@www.nwfusion.txt  and  is  stored 
in  the  folder  “C:\Documents  and 
Settings\gearhead\Cookies.”  Under  the 
Netscape  browser  cookies  are  stored  in  a 
file  named  “cookies”  that  can  be  found  in 


“c:\netscape\users\default.” 

The  cookie  data  is  defined  by  six  para¬ 
meters.  These  are  the  cookie  name,  its 
value,  the  expiration  date,  the  path  for 
which  the  cookie  is  valid,  the  domain  the 
cookie  is  valid  for  and  whether  a  secure 
connection  must  be  available  when  the 
browser  returns  cookie  data  to  a  server. 

The  name  in  our  example  is  “Apache, "and 
the  value  is  “63.207.158.10.28951103117 
0813230.”The  name  is  only  significant  to  a 
server  that  sets  the  cookie,  and  you’ll  often 
see  default  values  such  as  “Apache”  and 
“SITESERVER”  where  a  coding  library  has 
been  used  to  handle  cookies. 

The  domain  is  a  critical  part  of  this  sys¬ 
tem  because  it  defines  the  domain  or  sub- 
domain  to  which  the  cookie  data  will  be 
sent  with  each  browser  request.  The  path 
also  defines  the  start  of  a  subtree  under  the 
domain’s  Web  root  to  which  the  cookie 
applies,  thus  \info  and  \users  under 
myserver.com  could  have  different  cook¬ 
ies.  If  a  path  is  not  set.it  defaults  to  the  URL 
of  the  document  creating  the  cookie. 

Of  course,  you  could  just  as  easily  set 
cookies  for  each  subtree  and  by  setting  the 
path  7”  have  the  cookies  returned  with 
every  request.  We’ve  looked  at  quite  a  few 
cookies,  and  we  suspect  that  this  feature  is 
rarely  if  ever,  used.The  reason  is  obvious  — 
the  overhead  of  extra  cookies 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


IBM  notebook  promises  eight  hours 
of  battery  life 

IBM  recently  introduced  its  Think¬ 
Pad  X30  notebook, a  3.6-pound  note¬ 
book  that  combines  IBM  power 
management  technology  and  de¬ 
sign  features  to  stretch  battery  life  to 
up  to  eight  hours  (when  equipped  with 
an  optional  second  battery). 

The  X30  can  use  two  batteries  at  the  same 
time  —  one  internal  battery  and  one  extend¬ 
ed-life  battery  that  attaches  to  the  bottom  of  the 
notebook.  IBM  says  its  power-saving  technology 
can  intelligently  manage  power  consumption 
between  the  batteries  and  analyze  how  much  power  is 
needed  to  perform  a  specific  task  in  a  specific  environ¬ 
ment.  When  that  is  determined,  the  system  can  reduce  the 
power  to  each  of  the  major  subsystems  appropriately 

The  X30  also  includes  IBM's  Access  Connections  wizard, 
which  lets  users  manage  wired  and  wireless  connec¬ 
tions,  and  switch  between  them,  and  IBM’s  Rapid 
Restore  PC  application,  which  lets  users  recover  saved 
data  after  a  software  crash  with  the  press  of  a  button. 

Another  option  is  the  X3  UltraBase,  a  1 ,6-pound 
base  with  enhanced  features.  Users  can  connect  to 


IBM's  X30  can  use  two  batteries  at  the  same  time. 


the  UltraBase  to  recharge  the  battery  and 
use  features  such  as  a  DVD  or  CD-ROM  drive. 

The  X30  comes  with  Cisco  Aironet  inte¬ 
grated  wireless  (802.11b)  technology  and 
support  for  the  802.1x/Extensible  Authentica¬ 
tion  Protocol  security  standard.  It  starts  at 
$2,000  and  is  available  now.  For  more  informa¬ 
tion,  go  to  www.ibm.com/thinkpad. 

CTX  ships  23-inch  flat-panel  LCD  monitor 

CTX  International  recently  expanded  its  FlatView 
series  of  LCD  monitors  with  the  H2300,  a  23-inch 
monitor  aimed  at  high-end  professional  users.  The 
H2300  is  targeted  at  professionals  in  the  imaging, 
design,  financial,  medical,  manufacturing  and  educa¬ 
tion  fields. 

Compatible  with  Macintosh  and  Windows  com¬ 
puters,  the  H2300  has  1,600-by-l, 200-pixel  resolu¬ 
tion,  wall-mount  capabilities  and  low  power 
consumption.  CTX  says  the  H2300  emits 
almost  no  magnetic  fields.  In  addition, 
two  2-watt  speakers  are  built  into  the 
monitor  to  save  desk  space. 

The  unit  costs  about  $2,800. 
Go  to  www.ctxintl.com  for 
more  details. 


Secure  your  PDA  with  pictures 

Fbintsec  Mobile  Security  recently 
announced  PicturePIN,  an  applica¬ 
tion  for  PDA  users  that  can  replace 
passwords  with  a  sequence  of  graphic 
symbols  that  appear  on  the  logon  screen. 
The  company  says  the  application  lets 
users  create  a  “mnemonic  story  or  phrase" 
using  the  symbols.  This  eliminates  names  or 
words  and  the  need  for  written  reminders. 

For  example,  a  password  of  “Women-Love- 


is  not  significant,  and  it  involves  less  work 
when  Web  site  changes  are  required. 

The  expiration  date  is  what  you  might 
guess,  the  date  after  which  the  cookie  data 
is  no  longer  valid.  If  a  value  isn’t  set,  then 
the  cookie  —  called  a  “session  cookie”  — 
is  stored  in  memory  only  and  deleted 
when  the  browser  exits. 

The  designers  of  the  cookie  system  never 
considered  that  someone  might  not  want 
cookies  to  expire,  so  you’ll  often  see  cook¬ 
ies  with  expiration  dates  such  as  some  date 
and  time  in  2038. 

2038  is  often  the  maximum  year  used  for 
a  really  dumb  reason:  Active  Server  Pages 
in  Microsoft  Internet  Information  Server  3.0 
and  4.0  and  Microsoft  Internet  Information 
Services  5.0  have  a  small  bug  that  causes 
an  error  —  we  quote  from  Microsoft 
Knowledge  Base  article  Q247348  (see 
www.nwfusion.com,  Docfinder  2148):“This 
is  caused  by  an  overflow  of  the  time_t  vari¬ 
able  in  the  C/C++  programming  language. 
This  variable  is  a  32-bit  integer  value  used 
as  an  offset  in  seconds  from  January  1, 
1970.This  variable  has  a  maximum  value  of 
2147483647,  which  only  allows  dates 
through  3:14:07  GMT  on  January  19,2038.” 

An  “overflow”!  What  can  we  say  but“duh.” 

Next  week,  more  delicious  cookies.  Set 
ur  value  to  gearhead@gibbs.com. 


PointSec  lets  users  create  PDA 
passwords  with  pictures. 

Flowers-Daily”  could  be  created 
by  using  the  face  of  a  woman, 
heart,  flower  and  a  sun.  Fbintsec 
says  that  by  having  users  create 
stories  or  scenarios  with  their 
passwords,  the  sequences  be¬ 
come  memorable  yet  random 
to  others. 

The  PicturePIN  sequence 
can  consist  of  four  to  13 
symbols.  While  the  applica¬ 
tion  generates  the  graphics, 
the  user  can  choose  a  pre¬ 
ferred  symbol  set  and  its 
sequence.  The  location  of  the 
symbols  on  the  screen  also 
changes  with  each  logon  sequence,  which  helps  elimi¬ 
nate  the  possibility  that  someone  watching  over  the 
shoulder  could  repeat  the  location  of  the  icons. 

Fbintsec  has  products  for  Fbcket  PC  and  for  Palm  OS- 
based  devices.  Both  products  include  128-  and  256-bit 
encryption  based  on  the  Advanced  Encryption  Standard 
algorithm.  The  system  can  encrypt  data  stored  on  the 
device  and  on  removable  media  such  as  multimedia 
cards,  and  Secure  Digital  and  Compact  Flash  cards. 

Fbintsec  says  decryption  happens  automatically  on  an 
as-required  basis,  on  the  assumption  that  the  user  logged 
on  with  the  correct  sequence.  If  the  PDA  is  idling,  the 
software  places  it  in  a  suspended  state  —  normal  opera¬ 
tion  can  resume  by  clicking  the  first  two  pictures  of  the 
PicturePIN  code.  A  centralized  administrative  feature  lets 
system  administrators  reset  the  password  locally  or  via 
LAN  in  case  end  users  forget  their  code  sequences. 

Go  to  www.pointsec.com  to  learn  more. 

Shaw  can  be  reached  at  kshaw@nww.com. 
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Server  Technology. 


Consulting. 


Imagine  it: 

Scaling  up  to  a  server  for  mission-critical 
applications  that’s  stable,  easy  to  manage  and 
delivers  enterprise-class  performance.  All  in  a 
server  that  maximizes  the  benefits  of  your 
enterprise  operations. 

Done: 

Unisys  has  made  it  all  real  with  our  ES7000  server. 
It  harnesses  32  Intel®  Xeon™  Processors  for 
scalability  and  grown-up  enterprise-class 
performance.  Unisys  has  created  a  server  with 
advanced  systems  management  for  less 
babysitting  and  rock-solid  reliability  running 
Microsoft®  Windows®  2000  Datacenter  Server 
software.  It  all  adds  up  to  reduced  total  cost  of 
ownership  and  a  mature  server  environment  to 
simplify  your  operations. 

Server  Technology  with  precision  thinking, 


relentless  execution  to  driv 


vision  forward. 
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EDITORIAL 

John  Dix 

The  VON 
Showdown 

roster 

A  few  weeks  ago  we  challenged  a  handful  of  vendors 
to  participate  in  a  Network  World  Showdown  pit¬ 
ting  IP  Centrex  suppliers  against  IP  PBX  vendors  at 
the  Voice  on  the  Network  conference  Oct.  7  in  Atlanta 
(www.von.com).  But  we  didn’t  anticipate  the  problems 
we  would  encounter. 

Of  the  six  vendors  we  challenged,  only  three  accepted. 
On  the  PBX  side  we  had  asked  Avaya,  Mitel  and  Vertical 
Networks  to  participate.  Mitel  and  Vertical  are  in,  but 
Avaya  begged  off,  saying  it  sells  IP-based  PBX  systems 
and  equipment  that  carriers  can  use  to  offer  IP  Centrex 
services,  so  it  doesn’t  want  to  say  one  is  better  than 
the  other. 

That  didn’t  represent  a  problem  because  we  had  a  host 
of  other  players  wanting  in.  We  asked  Alcatel  to  step  into 
the  breach. 

On  the  IP  Centrex  side  we  called  on  Equant,  Genuity, 
and  GoBeam.GoBeam  is  the  only  one  that  accepted. The 
Bay  Area  company  offers  services  throughout  California 
and  is  entering  into  wholesale  arrangements  in  other 
states. Verizon,  for  example,  will  use  GoBeam  to  offer  IP 
Centrex  services  in  Chicago. 

Equant  pleaded  the  Fifth  like  Avaya,  saying  it  offers  both 
flavors  of  IP  telephony  and  doesn’t  want  to  favor  one. 

And  we  simply  jumped  the  gun  on  Genuity,  believing  the 
company  would  have  an  IP  Centrex  service  by  showtime 
when  in  fact  it  will  not. 

But  finding  other  IP  Centrex  service  suppliers  to  fill  the 
void  proved  difficult.  While  the  market  looks  promising, 
these  are  still  early  days. 

Knowing  that  SBC  Communications  and  BellSouth  have 
services  in  the  works  we  approached  them.  SBC  said  it  is 
on  track  to  announce  IP  Centrex  in  Illinois  and  California 
in  October,  but  couldn't  get  a  representative  to  the  show. 
And  even  though  VON  is  in  its  backyard,  BellSouth  said  it 
couldn’t  muster  a  speaker  to  talk  about  the  service  it 
plans  to  have  announced  by  showtime. 

But  BeerCom  accepted. This  Bristol, Tenn.,  company 
offers  IP  Centrex  services  to  small  and  midsize  businesses 
in  the  Tri-Cities  region  of  Tennessee-Virginia  via  wireless 
access  links. 

And  to  fill  the  last  IP  Centrex  slot  we  invited  an  equip¬ 
ment  supplier  —  NetCentrex  —  that  has  agreed  to  repre¬ 
sent  one  of  its  service  supplier  customers,  which  unfortu¬ 
nately  has  to  remain  anonymous. 

As  promised,  we’ll  circulate  a  request  for  information 
based  on  a  fictional  company  and  have  the  IP  Centrex 
and  IP  PBX  camps  come  prepared  to  argue  the  merits  of 
their  respective  approaches.  Hope  to  see  you  there. 


Hiring  practices  under  fire 

Regarding  the  story  “Resumes  pile  up, yet  key  jobs  re 
main  open”  (www.nwfusion.com,  DocFinder:  2129): 
What  really  gets  me  going  is  the  short-sighted,  nar¬ 
row-minded, can’t-think-straight  hiring  manager  who 
is  trying  to  find  exactly  the  perfect  fit.  The  quotes  in 
your  story  from  the  hiring  side  were  of  trying  to  find 
applicants  who  had  perfect  credentials,  and  vast 
and  narrowly  focused  experience  that  exactly  fits 
the  job  description. 

What  happened  to  training?  Why  not  find  some¬ 
one  with  a  track  record  of  excellence  in  prior  jobs 
who  had  to  learn  a  new  skill?  Why  not  accept  that 
someone  with  20  years  in  the  business  probably 
knows  a  lot  about  all  aspects  of  computers  and  net¬ 
works  and  can  learn  the  latest  and  greatest  variant? 

And  why  not  think  a  little  out  of  the  box?  Maybe 
the  new  hire  will  share  the  cost  of  the  training  with 
you  and  work  for  50%  until  qualified.That  might  pro¬ 
duce  a  more  loyal  employee.  Even  better,  pay  for  the 
training  yourself  but  make  the  employee  agree  to  re¬ 
pay  if  he  leaves  within  a  few  years.  Stop  looking  for 
stereotypes  —  someone  who  has  15  years  of  varied 
experience  probably  will  be  a  more  valuable  team 
player  than  a  25-year-old. 

This  constant  focus  on  perfect  credentials  is  self- 
defeating.  People  learn  new  skills  all  the  time. 
Whether  they  can  learn  is  more  important  than  what 
they  know. 

Besides,  how  can  you  beat  the  competition  if  you 
hire  folks  who  never  push  the  envelope,  who 
already  know  all  there  is  to  know?  Why  not  look  for 
someone  with  a  track  record  of  innovation  and  ere 
ative  thinking  who  will  help  differentiate  you  from 
the  competition? 

Peter  Thornton 
Annapolis,  Md. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  aerification. 


Like  others  quoted  in  your  story,  I  am  a  senior-level 
IT  person  who  can’t  get  an  interview  even  when  the 
job  fits  my  background  exactly  I  read  an  interesting 
statistic  that  might  give  a  clue  to  the  problem.  CIO 
magazine  recently  interviewed  more  than  500  CIOs 
and  asked  them  what  was  the  most  important  skill  a 
CIO  should  have. 

Only  10%  of  them  listed  technical  skills  as  impor¬ 
tant.  Communication  was  the  most  often-cited  skill. 
When  the  top  people  don’t  know  technology  from  a 
hole  in  the  wall.it  doesn’t  bode  well  for  people  look¬ 
ing  for  positions  below  them. 

Debbie  Joy 
Phoenix 

This  is  the  problem  and  frustration  those  of  us 
looking  for  work  face:  hiring  managers  looking  for 
“exact  fits”  for  technology  positions. They  just  aren’t 
going  to  find  them,  and  there’s  no  need  to  look  for 
them,  either.  As  a  hiring  manager,  staffing  and  build¬ 
ing  MIS  departments  over  the  past  eight  years,  I 
would  look  for  personality  traits  in  the  interview  that 
told  me  the  candidate  had  the  desire  and  aptitude 
to  learn.This  meant  as  much  to  the  success  of  my  de¬ 
partment  as  did  a  candidate  walking  in  with  the  ex¬ 
act  skill  set  fitting  the  job  description. 

Because  the  technology  changes  so  rapidly  it’s 
very  rare  that  you  will  find  “exact  fits,"  if  ever.  What 
should  matter  is  if  the  candidate  can  learn  the  tech¬ 
nology  and  learn  it  quickly  Good  quality  people  in 
high  tech  aren’t  the  ones  who  know  everything 
there  is  to  know  about  your  system  and  applications 
before  they  walk  in  the  door.  The  candidates  that 
provide  the  greatest  return  on  investment  are  those 
who  prove  they  can  learn  and  contribute  quickly 
after  being  hired.There  is  a  lot  of  talent  sitting  on  the 
sidelines  right  now  being  passed  over  because  of 
the  “exact  fit”  mentality  and  it’s  a  shame,  because  the 
organization  loses. 

Joe  Daldegan 
Lone  Tree,  Colo. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  2125 
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STRATEGY  SESSION 

Jeff  Kaplan 

It’s  been  more  than  a  month  since  IBM  an¬ 
nounced  its  $3.5  billion  acquisition  of 
PwC  Consulting.  While  the  response  has 
been  generally  positive  compared  with  the 
overwhelming  criticism  of  Hewlett-Packard’s 
ill-fated  attempt  to  acquire  the  same  group  for 
$18  billion  two  years  ago,  many  customers 
wonder  if  IBM  can  successfully  integrate  PwC  Consulting  into  its  cor¬ 
porate  culture.  IBM’s  move  also  speaks  to  fundamental  shifts  in  the 
IT/network  industry  that  could  have  more  profound  implications. 

IBM’s  announcement  came  on  the  third  anniversary  of  Lucent’s  acqui¬ 
sition  of  International  Network  Services  (INS),  at  the  time  largest  inde¬ 
pendent  network  consulting  company  in  the  world.  When  Lucent 
announced  its  acquisition  plan,  it  was  to  become  the  “IBM  of  the  com¬ 
munications  industry1  Ironically  Lucent  marked  the  third  anniversary  of 
the  acquisition  with  a  decision  to  spin  off  what  little  remains  of  INS  for 
a  couple  of  pennies  on  the  dollar  of  its  investment. 

Today  IBM  is  paying  $200  million  less  than  Lucent  paid  for  INS  three 
years  ago  and  getting  more  than  10  times  the  number  of  people, skills, 
client  base  and  brand  recognition.  My  guess  is  IBM  will  get  a  lot  more 
value  out  of  its  PwC  Consulting  acquisition. 

Few  may  realize  IBM  has  been  successfully  recruiting  business  con¬ 
sultants  from  the  Big  5  accounting  firms  for  years.  While  many  PwC 
Consulting  professionals  might  have  been  unhappy  with  the  idea  of 
joining  HP  during  the  heyday  of  the  Internet  boom,  those  who  have 


Goodbye,  independent  consultants? 


survived  the  onslaught  of  the  Internet  demise  and  accounting  industry 
implosion  will  find  IBM’s  relative  stability  a  welcome  refuge. 

Interestingly  IBM  has  laid  off  more  than  15,000  of  its  IBM  Global 
Services  employees,  more  than  5%  of  its  workforce,  since  June  30.  With 
the  economy  continuing  to  fail  and  corporate  spending  on  IT  stagnant, 
how  can  IBM  justify  acquiring  30,000  PwC  consultants? 

Simple.  IT  and  networking  are  no  longer  technology  issues;  they  are 
now  truly  business  issues.  Acronyms  such  as  ROI  and  TCO  have  re¬ 
placed  LANs  and  VPNs  in  everyday  discussions  between  IT/network 
managers  and  vendors.  Vendors  who  can’t  translate  the  value  of  their 
products  and  services  into  business  terms  and  integrate  their  technol¬ 
ogy  into  their  customers’  business  processes  are  being  turned  away 
It  might  sound  cliched,  but  IBM’s  move  confirms  the  end  of  an  era 
when  technology  drove  business.  Business  now  drives  technology  Many 
IT/network  managers  are  seeing  this  as  they  are  pushed  to  more  effec¬ 
tively  apply  technology  to  meet  business  objectives. 

Expect  other  vendors  to  make  investments  in  consulting  firms  or  build 
service  organizations  to  win  and  retain  customers.  A  casualty  of  this 
trend  will  be  the  objectivity  of  IT  consultants  who  are  no  longer  vendor- 
independent.  Savvy  managers  will  challenge  vendor-employed  consul¬ 
tants  to  prove  their  objectivity  and  willingness  to  support  multivendor 
setups  as  the  real  test  of  their  sincerity  and  long-term  success. 


Savvy  managers 
will  challenge 
vendor-employed 
consultants  to 
prove  their 
objectivity .... 


Kaplan  is  managing  director  of  THINKstrategies,  a  consultancy  in 
Wellesley,  Mass.  He  can  be  reached  at  jkaplan@thinkstrategies.com. 


SPEAKING  THE  LANGUAGE 

Linda  Musthaler 


In  my  10  years  of  writing  for  Network 
World,  no  article  has  prompted  as  much 
reader  feedback  as  my  July  15  column, 
“NetWare:  It  just  works”  (www.nwfusion.com,  DocFinder:  2127). The 
gist  of  the  argument  was  that  NetWare,  well,  just  works.  It’s  pre¬ 
dictable,  reliable  and  stable. You  can  have  a  NetWare  server  and  not 
spend  an  inordinate  amount  of  time  servicing  it  with  reboots, 
updates,  service  packs,  security  patches  and  the  like.  I  lamented  that 
my  company  abandoned  NetWare  in  favor  of  Windows  NT  about  five 
years  ago,  and  now  I  want  my  NetWare  back. 

A  few  people  wrote  to  ask  whether  we  have  tried  Windows  2000, 
which  inarguably  is  a  more  stable  product  than  NT.  Indeed,  we  have 
upgraded  to  Win  2000  and  acknowledge  that  it  is  more  stable  — 
provided  our  systems  administrator  spends  time  every  day  apply¬ 
ing  the  latest  patches.  Last  Friday,  he  installed  security  patches.  By 
the  time  he  had  finished,  Microsoft  already  was  sending  out  new 
patches. 

The  most  vocal  pro-Microsoft  comments  came  from  Derek 
Flickinger,  who  says  the  Windows  server  products  are  “reliable  and 
really  kick  butt  if  implemented  properly”  In  his  view,  “most  of  the 
recent  Microsoft-related  major  security  issues  have  been  because 
systems  administrators  don’t  keep  up  with  the  appropriate  level  of 
administration  for  their  systems  and  don’t  keep  an  ear  out  for  what 
Microsoft  outright  tells  them  they  need  to  do.”  He  adds  that  “proper 
planning  and  keeping  up  with  an  understanding  of  the  way  the 
pieces  need  to  fit  together  and  the  way  they  are  designed  to  work” 
are  the  keys  to  a  reliable  Windows  platform. 

Derek,  I  agree  with  you  100%.  I’m  sure  this  works  for  companies  that 
are  fortunate  enough  to  have  a  well-trained  staff  dedicated  to  con¬ 
stant  Windows  server  administration.  Smaller  companies,  however, 
may  not  be  able  to  devote  the  resources  to  keep  an  ear  out  for  the 
barrage  of  Microsoft’s  service  releases  and  advice. 

That’s  why  many  network  managers  still  love  their  NetWare.  Here’s 
one,  and  there  are  more  comments  online  at  DocFinder:  2128. 

From  a  director  of  IT:“I  also  can  attest  to  the  good  performance  and 


Readers  love  their  NetWare 


uptime  of  our  Novell  servers.The  Win  2000  servers  we  use  have  had 
to  be  rebooted  16  times  just  this  year  for  security  updates  or  for  ser¬ 
vice  packs.  Our  Novell  servers  only  need  to  go  down  for  electrical 
work  in  the  building  or  for  major  service  packs,  which  was  only  one 
time  this  year.  I  am  not  a  financial  wizard  but  I  can  confidently  state, 
based  upon  uptime  alone,  my  organization  gets  a  better  return  on 
investment  from  our  NetWare  servers  than  our  Microsoft  servers.” 

Ron  Austin  of  ActionFront  Data  Recovery  Labs  points  me  to  the 
company’s  recent  study  on  data  loss  and  recovery.  According  to  the 
study, “Data  loss  was  consistent  across  all  operating  systems  with  the 
exception  of  NetWare.  NetWare  users  showed  significantly  less  data 
loss  than  users  of  other  operating  systems.”  (Read  the  full  release  at 
DocFinder:  2 126.) 

For  an  interesting  perspective  on  why  your  value-added  reseller 
might  have  advised  you  to  move  to  Windows,  consider  this  reply  I 
received  from  aVAR:“AVAR  named  Tom  had  about  50  Novell  clients. 
About  once  a  month  he  would  call  them  and  ask  how  things  were 
going,  and  he  would  always  get  a  resounding  ‘Great,  no  problems' 
One  day  one  of  his  more  adventuresome  clients,  Client  A,  told  him  it 
had  heard  Microsoft  had  this  great  new  network  system  that  was  bet¬ 
ter  than  anything.  Tom  took  a  few  Microsoft  network  courses  and 
informed  Client  A  that  for  lots  of  money  he  would  be  able  to  replace 
all  its  old  NetWare  with  shiny  new  Microsoft  servers.  Client  A  was 
happy;  now  it  had  the  best. 

“About  a  month  later  when  Tom  was  making  his  usual  calls,  Client 
A  informed  him  that  it  was  experiencing  a  few  problems.  Tom  was 
happy  to  go  to  the  site,  do  some  tweaking,  install  some  patches  and 
present  a  bill  for  several  hundred  dollars.  Next  month  the  same  thing 
happened.  On  the  third  month,  when  Tom  started  making  his  calls,  he 
had  a  new  approach:  ‘Hello,  client.  Microsoft  has  a  wonderful  new 
network  system  that’s  much  cheaper  and  better  than  Novell.  I  have 
this  great  presentation  I’d  like  to  show  you. . . .’” 


Smaller  compa¬ 
nies  may  not  be 
able  to . . .  keep 
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Musthaler  is  nice  president  of  Currid  &  Company,  a  Houston  tech¬ 
nology  assessment  firm.  She  can  be  reached  at  linda@currid.com. 


Don’t  make  me  come  over  there. 


Remotely  migrate  your  users  to  XP  or  2000  without  making  a  scene. 


That’s  right,  you’re  not  a  bellhop,  or  an  IT  concierge  for  that  matter.  With  the  robust  Client 
Mgmt  Suite  from  Altiris,  you’re  a  behind-the-scenes  architect  that  can  remotely  migrate 
an  entire  enterprise  to  XP  or  2000  in  no  time  at  all.  Altiris  even  gives  you  comprehensive 
lifecycle  management  for  all  your  networked  devices,  from  deployment  to  retirement. 

All  of  which  saves  you  from  end-user  visits  and  mindless  lo-tech  chitchat.  So  download  our 
free  Migration  Assessment  Toolkit  today,  before  you  swear  this  is  the  last  time — again. 


altiris* 

intuitive  >  manageability 


Get  a  free  Migration  Assessment  Toolkit  today  at  www.altiris.com/easymigrate92  and  avoid  the  hassle. 
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The  NetWorld+Interop  2002 
InteropNet  Labs  (iLabs)  will  focus  on 
three  technologies  this  week  in 
Atlanta:  wireless  security,  IP  storage 
and  Multi-Protocol  Label  Switching. 


Hot-staged  in  a  warehouse  near  San  Francisco, 
dozens  of  iLabs  volunteers  combine  products  that 
employ  these  technologies  and  deploy  them  on  a 
single  network  to  test  interoperability  and  compati¬ 
bility.  Once  the  network  is  assembled  and  tested, 
the  il.abs  team  packages  and  ships  it  to  Atlanta, 
where  show  attendees  can  get  a  hands-on  experi¬ 
ence  with  the  products  tested. 

Setwork  World  holds  exclusive  access  to  the  iLabs 
hot  stage  and  places  members  of  the  Network  World 
Global  Test  Alliance  on  the  iLabs  technology  teams 


Testers  create  largest 
802.1X  interop  lab,  demo 
Web-based  authentication 
and  wireless  IPSec,  and 
show  how  WEP  can  work. 


BY  JOEL  SNYDER,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 
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to  get  firsthand  knowledge  of  the  testing  taking 
place  within  them.  Last  April  we  covered  all  three 
technologies  (www.nwfusion.com,  DocFinder:  2031). 
In  this  round  of  iLabs  testing  we  focused  on  wire- 


reless  security  with  802.1X 


less  security,  with  Global  Test  Alliance  member  Joel 
Snyder,  a  senior  partner  at  Opus  One  participating 
in  the  testing  and  gleaning  information  useful  to 
enterprise  network  professionals. 

In  this  exclusive  package  of  stories.  Snyder  reports 
on  how  the  iLabs  wireless  security  team  divided  its 
testing  into  four  parts,  each  addressing  a  different 
security  strategy  for  wireless  networking  based  on 
differing  enterprise  requirements. 

The  iLabs  wireless  network  is  based  on  802. IX,  the 
newly  minted  IFEE  standard  for  authentication  and 
authorization  in  LANs,  especially  802.1 1-based  wire¬ 
less  LANs.  The  il.abs  team  tested  five  802. IX  clients, 
five  802.11b  wireless  access  points  and  six  authentica¬ 
tion  servers. 

The  second  wireless  security  strategy  is  based  on 
browser-based  authentication,  for  environments  , 
where  maximum  compatibility  with  existing  / 
equipment  is  required  (see  page  52).  The 
third  wireless  strategy  uses  IP 
Security  as  an  authentication 

and  security  mechanism  (see  M 

page  52).  The  final  strategy 

shows  the  much-maligned  s// 

wired  equivalent  privacy  '  / 

(WEP)  encryption  algo 
rithm  as  at  least  an  alter¬ 
native  to  having  no  secu¬ 
rity  at  all  (see  page  54). 

iLabs  engineers  will  be 
on-hand  at  NetWorld+ 

Interop  2002  Atlanta  to 
answer  your  questions 
about  the  specific  technolo¬ 
gies.  t 

See  the  iLabs  schedule  at 
DocFinder:  2140. 


Network  professionals  in  search  of  technology  that 
melds  authentication,  encryption  and  wireless  LANs 
will  find  the  IEEE  802. IX  specification  is  up  to  the  job. 

As  a  Layer  2  authentication  protocol,  802. IX  doesn’t 
let  anyone  on  the  network  until  they’ve  been  properly 
authenticated.  With  built-in  hooks  for  setting  wireless 
encryption  keys,  802.  IX  also  solves  the  worst  problems 
of  wired  equivalent  privacy  (WEP):  avoiding  well- 
known,  widely  distributed  keys.The  only  problem  with 
802. IX  is  that  it  is  an  emerging  technology  that  requires 
upgrades  to  authentication  servers,  client  software  on 
all  PCs,  and  appropriate  configuration  in  the  wireless 
access  points. 

New  products  supporting  802. IX  have  popped  up 
rapidly  and  iLabs  comprises  the  largest-ever  public 
demonstration  of  802.  IX.  Since  the  last  round  of  iLabs 
testing  in  May  the  team  has  added  a  new  authentication 
server  (Aegis,  from  Meetinghouse  Data  Com¬ 
munications)^  Mac  OS  X  802.  IX  client  (also  from 
Meetinghouse),  and  prototype  Protected 
Extensible  Authentication  Protocol  (PEAP)  sup¬ 
port  in  Windows  XP  client  and  Ciscos  ACS 
authentication  server,  to  its  secure  wireless  deploy- 
^  ment. 

PEAP  and  Transport  Layer  Security  (TLS)  are 
two  proposals  that  add  support  for  legacy 
authentication  mechanisms  like  username/ 

|JV  password  and  token  cards  to  the  802.  IX  spec. 

IV  However,  neither  has  reached  standards  sta- 

V  tus.The  Internet  Engineering  Task  Force  (IETF) 

W  requires  that  any  standardized  protocol  be 
f  proven  to  work, and  having  multiple  interoperable 

implementations  is  a  critical  step  along  that  path. 
TLS  offers  support  for  a  wider  range  of  legacy 
authentication  methods  and  was  implement¬ 
ed  first, so  it  should  win  favor  among  network 
managers.  However,  RSA  Security  Microsoft 


c? 


and  Cisco  proposed  PEAP  While  company  affiliation 
isn’t  supposed  to  be  important  within  the  IETF 
process,  proposals  brought  in  by  these  networking 
powerhouses  are  generally  taken  very  seriously. 

We  tested  different  authentication  methods  to  see 
how  well  we  could  mix  and  match  products  in  the 
iLabs  network.  MD5,  the  simplest  authentication 
method  in  the  802.  IX  world,  worked  pretty  well.  Some 
wireless  access  points,  such  as  those  produced  by 
Symbol, don’t  support  MD5.This  is  actually  a  good  thing 
—  MD5  is  not  appropriate  for  wireless  802.  IX  authenti¬ 
cation,  because  it  does  not  set  up  WEP  keys. 

When  we  moved  onto  TLS  using  digital  certificates, 
the  only  authentication  server  that  had  trouble  sup¬ 
porting  this  method  was  Microsoft. 

We  tried  to  use  TLS  authentication  with  a  beta  ver¬ 
sion  of  .Net  Server.  We  found  it  easy  to  set  up  the  .Net 
802. IX  authentication  server,  but  for  MD5  authentica¬ 
tion  only.  When  we  tried  to  move  to  TLS  authentication, 
using  digital  certificates,  the  .Net  Server  would  not  rec¬ 
ognize  our  Netscape  certificate  authority.  Microsoft 
assumes  a  total  Microsoft  implementation,  using  multi¬ 
ple  servers,  Active  Directory  and  the  Microsoft  certifi¬ 
cate  authority,  which  wasn’t  the  interoperability 
demonstration  we  sought. 

Despite  the  .Net  Server  setback,  we  concentrated  our 
testing  on  the  802.  IX  servers,  adding  two  new  products 
(from  Cisco  and  Meetinghouse)  to  the  list  and  retesting 
servers  from  Funk  Software,  Hewlett-Packard,  Microsoft 
and  Secure  Computing. 

The  results  are  encouraging.  Although  we  are  dealing 
with  new  products  and  beta  code,  we’ve  worked  with 
the  vendor  development  teams  to  get  things  to  work. 
For  example,  Wind  River,  the  OEM  behind  many  popu¬ 
lar  access  points,  debugged  and  modified  its  software 
to  pass  PEAP  properly  after  discovering  an  incompati¬ 
bility  during  PEAP  testing. 


access  control  than  privacy. 

'  Ih't fiat  case,  standard  security 
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Browser-based  wireless  security 


For  some  companies,  “wire¬ 
less  security"  is  more  about 
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order  for  the  proprietor  to  charge  them 
correctly.  Moving  this  technology  iiito  the 
corporation  typically  requires  leuss  emphasis 
.  on  charging  and  more  emphasis  bn  simply 
blocking  access  to  unauthorized  individuals. 
To  illustrate  this  example,  the  iLabs  team  built 
a  wireless  network  that  required  users  to  authen¬ 
ticate  to  the  network-using  only  a  browser. 

Vernier  Networks.  Reef  Edge,  Colubris  and  Blue 

f  Socket  have  stepped,  up  to  provide  browser-based 
authentication  for  enterprise  networks.  With 
browser-based  authentication,  the  user  must 
authenticate  with  a  username  and  password  (or 
other  authentication  technique,  such  as  a  one-time 
password  token)  through  a  typically  encrypted 
browser  window  before  their  system  can 
access  to  the  network.  Of  course,  these 
products  are  susceptible  to  a  num 


ber  of  different  attacks,  such  as  system  masquerad¬ 
ing,  where  someone  assumes  the  Ethernet  media 
access  control  address  of  a  legitimate  user  and  takes 
over  their  session.  But  where  the  goal  is  general 
access  control,  not  absolute  secrecy  or  accuracy,  this 
technique  is  useful. 

Our  test  network  for  this  technology  was  based  on 
Vernier’s  product  line.  With  proper  configuration,  this 
worked  great:  The  Vernier  box  intercepted  DNS  re¬ 
quests  and  Web  requests,  and  pretty  much  boxed  us 
into  authenticating  before  we  could  move  on. 

One  of  the  more  useful  extensions  to  this  technique 
is  something  Vernier  calls  802. IX  sniffing.  With  802.  IX 
sniffing,  the  access  manager  —  which  would  block 
access  to  the  internal  network  —  sits  between  a  wire¬ 
less  access  point  and  the  rest  of  the  world.  The  goal 
of  this  dual-mode  configuration  is  to  support  802.  IX 
and  non-lX  clients. 

The  iLabs  team  showed  this  concept,  linking 
Cisco  and  Karlnet  access  points,  a  Vernier  Access 
Manager,  and  Microsoft’s  .Net  authentication 
server,  all  connected  using  a  Macintosh  client. 

In  this  environment,  802.1X-enabled  clients 

authenticate  and  are  placed  onto  the 


Wireless  IPSec 


secure  site  of  the  network,  with  WEP 
encryption  enabled.  This  authentication  dia¬ 
log  is  “sniffed”  by  the  inline  access  manager, 
so  when  users  successfully  authenticate  using 
802. IX,  they  have  access  without  any  further 
logon  process.  If  users  don’t  have  802. IX  software, 
they  connect  to  the  wireless  network  and  see  the 
browser-based  authentication  window.  When  users 
authenticate  using  their  browser,  they’re  connected 
to  the  “guest”  virtual  LAN. 

While  a  company  could  easily  require  its  own 
employees  to  have  802. IX  software  and  configura¬ 
tion  on  mobile  systems,  it  might  not  have  the  same 
requirement  for  guest  users.  idea  is  to  maintain 
a  single  wireless  infrastructure,  with  trusted  users 
given  access  inside  tha corporate  firewall,  and 
guests  and  visitors  placed  outside. 

—  Joel  Snyder 


For  many  companies, 
wireless  networks  have  the 
same  low-level  security  afford¬ 
ed  on  the  Internet:  not  controlled, 
not  authenticated  and  not  trusted. So 
why  not  treat  wireless  LAN  users  like 
Internet  users  and  bring  them  in  from  out¬ 
side  the  firewall  via  VPN  technologies? 

The  strategy  is  simple:  Put  your  wire¬ 
less  network  outside  the  corporate  fire¬ 
wall,  and  give  wireless  users  the  same 
client  tools  as  Internet  users,  including  a 
VPN  client  and  some  authentication  infor¬ 
mation.  Because  IP  Security  (IPSec)  has 
one  of  the  strongest  security  models  avail¬ 
able  in  networking,  using  it  to  secure  wire¬ 
less  networks  gives  even  stronger  security 
than  offered  by  wireless  security  tools  like 
802. IX.  In  addition,  where  VPN  access  via 
the  Internet  is  common,  most  users  will 
already  have  the  necessary  client  software 
installed  on  their  laptops,  so  the  transition 
from  home  use  to  wireless  use  in  the  office  is 
smooth  and  seamless  (see  diagram,  right). 

The  iLabs  team  built  a  wireless  network  where 
access  to  the  corporate  LAN  was  controlled  by  a  Nokia 
VPN/firewall  device.  We  used  smart  cards  from 
Schlumberger,  which  give  a  strong  two-factor  authentication. 
In  this  case,  the  access  point  was  an  SMC  802.11a  (54M 
bit/sec)  model. 

If  you  consider  using  this  strategy,  keep  in  mind  some 
important  issues.  One  main  difference  between  802.  IX 
and  IPSec  products  is  that  802. IX  is  a  link-layer 
authentication  system,  while  IPSec  is  a  network- 
layer  VPN  technology.  In  the  IPSec  case,  this 
^  means  that  anyone  who  wants  to  use  the 

fflk  wireless  network  as  a  carrier,  without 

Sgfeu  going  onto  the  corporate  LAN,  can 

do  so  without  restrictions. 


Its  only  when  the  packets  try  to  leave  the 
wireless  environment  that  the  IPSec  security  gate¬ 
way  blocks  access.  At  the  same  time,  only  IP  is  sup¬ 
ported  by  IPSec.  In  iLabs  testing,  that  wasn’t  a  prob¬ 
lem,  but  we  didn’t  care  about  services  such  as  IP  multi¬ 
cast.  If  you  do,  or  if  you  have  IPX  or  Appletalk,  IPSec  is  not 
the  right  solution. 

Another  issue  with  this  strategy  relates  to 
distribution.  Wireless  LANs  can  be  spread 
throughout  a  corporate  campus,  and 
bringing  the  entire  LAN  back  to  the 
data  center,  where  the  VPN  concen¬ 
trator  is  located,  can  be  a  complex 
undertaking.  Virtual  LANs,  an  obvi¬ 
ous  option,  must  be  used  with 
care.  Virtual  LAN  switches  are  not 
designed  as  security  devices,  and 
packets  can  and  do  hop  virtual 
LAN  boundaries.  Without  virtual 
LANs,  though,  the  question 
running  an  entire  second  ne 
work  infrastructure  just  to 
pull  wireless  outside  the  fire¬ 
wall  can  increase  costs  dra¬ 
matically. 

VPN  concentrators  also  can 
be  a  stumbling  block.  A  concentrator 
sized  for  a  moderate  number  of  users 
connecting  via  dial-in  or  DSL  ser¬ 
vice  might  not  be  able  to  handle 
the  encryption  load  of  wire¬ 
less  users  connecting  at 
LAN  speeds  directly  to 
the  corporate  net¬ 
work. 

—  Joel  Snyder 
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Be  a  Superhero. 


>))  Faster  than 
voice/data 
convergence. 

>))  More  powerful 
than  integrated 
conferencing. 
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Customer  demands  can  keep  you  scrambling.  They  want  voice,  data  and  conferencing — and  they  want  them  yesterday.  Well,  get  your  cape  ready, 
because  when  you  join  forces  with  us,  you'll  look  like  a  hero.  We  work  with  the  right  manufacturers,  like  Alcatel.  And  we  have  the  experience  to 
evaluate  the  most  cost-effective,  efficient  solution  to  your  problems.  So  when  a  customer  needs  a  medium  capacity  networking  hub,  we  can 
recommend  the  Alcatel  3600  MainStreet  Bandwidth  Manager.  The  Alcatel  MainStreet  business  access  portfolio  addresses  the  requirements  of 
service  providers,  wireline,  wireless  and  enterprise  customers.  Whether  your  challenge  is  multi-vendor  procurement,  systems  integration,  or 
creative  leasing  solutions,  we're  ready  and  waiting  to  help  you  save  the  day.  [The  cape  is  optional.] 
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P  is  bad,  but  better  than  nothing 


The  wired  equivalent  privacy  encryption  algorithm  has  a  bad  reputation  because  it’s  rel¬ 
atively  easy  to  crack  and  its  difficult  to  deploy  But  sometimes  it  might  be  your  only  option. 
The  iLabs  team  built  a  small  wireless  LAN  secured  by  WEP-using  devices  that  supported 
no  other  security  mechanism.  We  can  report  that  these  devices  interoperated  while  using 
WEPeven  when  we  employed  nonstandard  extensions  such  as  128-bit  encryption. 


Our  network  was  based  on  the  popular  WAP11  wire¬ 
less  access  points  from  Linksys.  Although  it’s 
not  designed  as  an  enterprise  access 
point,  the  WAP11  has  attracted  many 
adopters  because  of  its  low  price  and 
easy  setup.  The  devices  connected 
to  these  WAP  11  boxes  were  PDAs 
and  wireless  Ethernet  phones, 
which  typically  don’t  work  well 
with  other  wireless  security 
strategies. 

Sharp’s  Zaurus  is  a  Linux-based 
handheld,  which  makes  an  excel¬ 
lent  platform  for  deploying 
small,  portable  applications.  Like 
all  PDAs,  the  Zaurus  has  strictly 
limited  memory  and  a  relatively 
slow  CPU.  Adding  wireless  to  the 
Zaurus  wasn’t  as  simple  as  plug¬ 
ging  in  a  wireless  card;we  had  to 
find  drivers,  card  management 
tools  and  a  recompiled  kernel  to 
add  support  for  the  card  we 
chose.  But  once  we  figured  all 
that  out,  the  first  real  test  against 
our  Linksys  WAP1 1  wireless  access  point  worked. 

Symbol’s  NetVision  phone  is  another  example  of  a 
device  for  which  WEP  fits  best.  NetVision  is  a  very  cool 
but  deceptively  simple  device.  It  looks  like  a  wireless 
phone  without  a  base  station  that  connects  directly  to 
your  802.11b  infrastructure,  talking  H.323  protocols 
directly  to  your  voice-over-iP  network.  You  need  the 
usual  H.323  gatekeeper  to  run  things,  but  no  Symbol- 
specific  or  proprietary  pieces.  NetVision  supports  a  pro¬ 
prietary  high-security  wireless  protocol  based  on 
Kerberos  that  would  have  required  Symbol  access 


points  and  additional  hardware  on  the  network.  We 
used  WEP  to  add  basic  security  against  our 
Linksys  access  points,  and  had  complete 
interoperability  with  devices  on  and 
off  the  network  the  first  time  out. 
WEP  is  useful  for  devices  such  as 
printers,  which  might  be  located 
in  remote  areas  yet  still  need  to 
connect  back  to  the  corporate 
LAN.  Most  wireless  vendors  have 
an  Ethernet-to-wireless  adapter 
that  can  be  used  for  devices 
such  as  printers  or  Replay  TV. 

One  of  the  advantages  of  WEP 
in  this  type  of  network  is  that  the 
WEP  keys  don’t  have  to  be  wide 
ly  distributed  to  a  lot  of  people 
(see  our  WEP  primer,  www.nw 
fusion.com,  DocFinder:  2040). 
Programming  phones  and  PDAs 
is  hard  enough  that  you  probably 
wouldn’t  ask  an  end  user  to  do  it. 
This  helps  to  reduce  some  of  the 
obvious  vulnerabilities  of  WEB 
such  as  people  sharing  the  keys 
or  writing  them  down  and  leaving  them  around  public 
areas. 

Although  most  modern  wireless  card  firmware  has 
been  secured  against  the  initialization  vector  problems 
exploited  by  tools  such  as  AirSnort,PDAs  and  embedded 
devices,  in  particular,  they  may  not  be  as  up  to  date  as 
wireless  cards  for  laptops  and  PCs.  Thus,  the  advice  to 
change  WEP  keys  frequently  still  holds:  it  may  be  painful, 
especially  in  small, portable, devices, but  it’s  an  important 
consideration  in  WEP-based  networks. 

—  Joel  Snyder 


MPLS  and  IP 

storage  testing 

update 


The  iLabs  MPLS  and  IP  Storage 
teams  will  continue  testing  at 
NetWorld+Interop  in  Atlanta. 

For  the  Multi-protocol  Label  Switching  team, 
which  focused  on  basic  MPLS  interoperability 
last  May  (www.nwfusion.com  DocFinder:  2038), 
the  goal  this  time  is  to  demonstrate  interoper¬ 
ability  of  higher-level  services  running  over  a 
multi-vendor  MPLS  backbone. 

The  team  will  build  a  set  of  label-switched 
paths  across  a  core  of  MPL.S  devices.  Within  this 
core,  the  team  will  test  how  multiple  vendors 
handle  failover  and  resiliency  while  interoperat¬ 
ing.  Once  the  core  is  stable,  the  team  will  test 
services  running  on  top  of  MPLS,  including 
Martini  Layer  2  VPNs  based  on  the  Martini  draft 
specification,  standards-based  l^ayer  VPNs  and 
Virtual  Private  LAN  Service  (VPLS)  protocols. 

Using  gear  from  Cisco.  Extreme  Networks. 
Foundry  Networks  and  Riverstone  Networks, 
the  team  will  build  and  test  a  hub-and-spoke 
VPLS  network  over  the  MPLS  core,  pushing  the 
brains  of  a  multisite  Layer  2  VPN  into  the  net¬ 
work.  For  Layer  3  VPNs,  the  iLabs  team  will 
evaluate  at  how  natively  current  MPLS  equip¬ 
ment  can  interoperate  when  passing  IP  V6 
traffic. 

For  the  IP  Storage  team,  the  testing  will  focus 
on  the  same  iSCSI  to  Fiber  Channel  integration 
issues  as  it  touched  in  May  (DocFinder:  2039). 

In  this  round  of  testing,  the  team  will  be  testing 
iSCSI  to  Fibre  Channel  links  both  in  the  iLabs 
booth  and  across  the  show's  network  to  gear 
located  in  vendors’  booths. 

—  Joel  Snyder 


The  ups  and  downs  of  wireless  security  strategy 


Pros 


Cons 


802. IX 

Browser-based  security 

IPSec 

WEP 

Best  match  of  security  and 
wireless  requirements. 

Enforces  authentication  and 
encryption  at  the  link  level, 
supporting  all  protocols. 

Gives  low-overhead  alternative 
to  support  wired  and  wireless 
environments. 

Greatest  compatibility  as  a 
majority  of  wireless  devices  have 
a  browser. 

Easy  for  guest  users  and  visitors 
to  use. 

Highest  security  model  available; 
can  use  digital  certificates  ortwo- 
factor  authentication. 

Generally  available  for  computing 
platforms. 

Can  be  met  with  existingVPN 
infrastructure  (for  example, 

Internet  telecommuters). 

Gooc 
64- at 

Strai 

Built- 

card. 

support  in  most  devices  for 
id  128-bit  encryption. 

ghtforward  configuration. 

in  encryption  in  wireless 

Non-Windows-XP  users  will 
need  to  buy  and  install  client; 
clients  not  readily  available  for  all 
platforms. 

Not  all  access  points  support 
802.1X. 

802.1X  EAP-compatible  RADIUS 
authentication  server  needed  to 
grant/deny  access. 

Doesn't  work  with  embedded 
devices. 

Doesn’t  provide  encryption. 

Traffic  easily  spoofed  in  wired  or 
wireless  environments;  doesn’t 
protect  wireless-to-wireless 
connections. 

IPSec  configuration  and  policy 
distribution  is  complex  and 
problematic,  especially  across 
platforms  and  vendors. 

Performance  at  LAN  speeds  can 
be  problematic  for  laptops;  central 
VPN  security  gateway  might 
need  to  be  upgraded. 

Doesn't  support  non-IP  or 
multimedia  IP;  doesn't  protect 
wireless-to-wireless  connect  ions. 

Many 

prob 

WEP 

share 

Does 

end-t 

theoretical  security 
ems. 

keys  are  widely  known  and 

1 

not  provide  end-system/  1 
jser  authentication. 
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PLAY  TO  WIN? 


(e)  server 


Winning  with  e-commerce:  There’s  something  new  at  London’s  antiquarian  book  dealer  Peter 
Harrington.  They’re  selling  25%  of  their  volume  on  the  Web.  Their  platform?  The  easy-to-manage 
IBM  (©server  xSeries™  Select  xSeries  models  feature  the  Intel®  Xeon™  processor  to  give  you  superior 
performance  and  cost-effectiveness.  For  a  complimentary  IDG  report  on  how  growing  companies  are  using 
IT  to  advance  their  business,  go  to  ibm.com/eserver/peterharrington  ts  fa 


All  numbers  and  results  reported  are  from  customer  sources.  This  customer  example  is  intended  as  an  illustration  only  Costs  and  results  obtained  in  other  customer  environments  will  vary  depending,  among  other  things, 
on  individual  customer  configurations  and  conditions.  IBM,  the  e-business  logo,  e-business  is  the  game.  Play  to  win  and  xSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation 
Intel,  the  Intel  Inside  logo  and  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks 
or  service  marks  ol  others  ©2002  IBM  Corporation  All  rights  reserved 


Voice  over  IP:  the  Right  Time  for  r  Rollout 


One  in  five  Network  IT  Executives  has  already  implemented  voice  over  IP!* 
This  signals  that  convergence  is  a  go!  Now  it's  your  turn  to  merge  the  worlds 
of  voice  and  data  and  reap  the  many  benefits  of  voice  over  IP.  Find  out  which 
products  are  mature  enough  for  deployment.  Learn  how  to  convince  corporate 
management  that  the  time  and  money  you'll  save  on  infrastructure  and  staff 
is  worth  the  investment.  It's  time  to  get  serious  about  convergence.  Attend 
Network  World's  FREE  "Voice  over  IP:  The  Right  Time  for  a  Rollout"  event. 

*  Source:  Network  World  500  Study,  2002 

Successful  VoIP  Rollout  Keys: 

■  Develop  a  business  case  for 
voice  over  IP 

■  Architect  a  voice  over  IP  network 

■  Identify  the  key  voice  over 
IP  applications 

■  Manage  tactical  and  strategic 
roll-out  issues 

•  Tackle  security  concerns 

■  Deploy  a  voice  over  IP  network  in 
the  LAN  or  WAN 


This  event  is  limited  to  qualified  IT  professionals  currently  involved  in  the  evaluation  and 
purchase  of  voice  and  data  products  and  services.  Network  World  reserves  the  right  to 
determine  total  audience  profile. 


A  "Must-Attend  Event”  for: 

■  Network  Directors/Managers 

■  Data  Managers 

■  Telecom  Managers 

■  Network  Architects 

■  CIOs,  CTOs,  CXOs 


Event  Schedule 


October  9 
October  io 
October  29 
October  30 
November  6 
November  7 


New  York ,  NY 
Arlington,  VA 
Atlanta,  GA 
Dallas,  TX 
San  Diego,  CA 
San  Francisco,  CA 


Register  Now! 

Seating  is  limited  to  qualified  participants. 

Don't  miss  out!  Sign  up  online  at: 

www.networkworld.com/events/voip/register.jsp 
or  call  1-800-643-4668. 

Bonus! 

Attend  and  have  a  chance  to  win  a  $100  American  Express  Gift  Cheque,  awarded  for 
the  Best  Question  of  the  Day!  You  must  be  present  at  the  3  p.m.  drawing  to  win. 


,  MelworkWorM 
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Customer  dissatisfaction  with  signature-based  intrusion- 
detection  systems  leads  to  anomaly-based  appliances. 

■  BY  PAUL  DESMOND 

Adar  Meroz  has  worked  with  intrusion-detection  systems  from  leading  ven¬ 
dors  for  the  past  two  years.  But  the  vice  president  of  networking  and  security 


for  Diskal  Systems  Group,  an  Israeli  service  provider,  says  he  has  struggled  to 
get  them  to  work  effectively 


Most  IDSs  rely  on  signatures,  or  pieces  of  code  that  identify  known 
attacks,  to  spot  attacks  that  are  in  progress.That  means,  for  one,  that  the 
attack  has  already  started  by  the  time  Meroz  finds  out  about  it;  often, 
damage  has  already  been  done.  Second,  it’s  a  chore  to  constantly  install 
new  signatures  and  they  are  delivered  only  after  a  new  form  of  attack  is 
already  in  the  wild  —  which  again  is  often  too  late.  But  perhaps  worst 
of  all,  Meroz  found  it  difficult  to  build  all  the  rules  that  would  let  the 
IDS  send  commands  to  attached  routers  and  firewalls  to  actually  halt 
the  offensive  sessions. 

“Very  few  people  know  how  to  build  up  the  rules  in  the  right  logical 
order”  to  make  an  IDS  work  effectively  he  says.“Even  the  smallest  mis¬ 
take^  rule  not  in  the  right  spot,  and  you’ll  get  many  false  positives.” 
Which  brings  up  another  IDS  bugaboo  —  if  they  are  not  tuned  just 
right,  they  can  generate  such  a  sea  of  alerts  that  it  becomes  nearly 
impossible  to  ferret  out  which  alerts  relate  to  actual  attacks. 

However,  where  there  is  such  user  pain  with  a  given  product  category 
there  also  is  opportunity  for  new  players.True  to  form,  companies  includ¬ 
ing  IntruVert  Networks,  NFR  Security  OneSecure,  Recourse  Technologies 
and  Vsecure  Technologies  are  emerging  with  IDSs  that,  if  they  use  signa¬ 
tures  at  all,  it  is  only  as  one  of  several  ways  to  detect  attacks. 

Vendors  have  developed  schemes  that  let  their  devices  identify 
attacks  more  by  detecting  aberrant  traffic  patterns  or  anomalies  in  spe¬ 
cific  packets  than  by  relying  on  signatures.  Many  vendors  deliver  these 
wares  in  an  appliance  format  that  makes  them  easier  to  deploy  than 
their  IDS  predecessors.  And  several  have  features  such  as  automated 
signature  updates,  advanced  reporting  mechanisms  and  features  that 
let  the  IDS  thwart  an  attacker  at  the  door,  all  of  which  mean  they 
require  fewer  people  to  operate. 

They  can’t  be  delivered  fast  enough  to  suit  current  IDS  users. 


“We  see  a  predictable  pattern  where  clients  ask  a  lot  about  intrusion 
detection  and  who  has  the  best  products,” says  John  Pescatore,  research 
director  for  Internet  security  at  Gartner.“Six  months  later  they  come 
back  and  ask  if  there’s  somebody  they  can  outsource  to.” 

Too  many  positives  creates  a  negative 

The  biggest  pain  point,  he  says,  is  the  false  positive  issue.  Reducing  the 
number  of  false  positives  requires  users  to  “tune”  the  IDS  to  ignore  cer¬ 
tain  signature  patterns  that  don’t  apply  to  their  networks.  At  the  simplest 
level,  it  might  mean  not  checking  for  a  known  Microsoft  Internet  In¬ 
formation  System  attack  pattern  if  you  use  only  Apache  Web  servers. 

The  problem  is,  it  takes  lots  of  such  rules  before  the  IDS  is  sufficiently 
tuned  to  cover  all  the  nuances  of  any  network  without  generating  an 
inordinate  number  of  false  positives.  Every  time  there’s  a  change  to  the 
network  configuration,  the  IDS  likely  will  have  to  be  updated  accordingly 

“Therein  lies  the  problem,” says  Joe  Krull.vice  president  of  security  for 
Vsecure.“You  can’t  define  exactly  a  static  [intrusion-detection  system] 
to  work  with  a  dynamic  network.  So  you  keep  the  rules  very  open,  and 
you  start  to  get  a  lot  of  false  alarms.” 

Rebecca  Bace.CEO  of  security  consultancy  Infidel,  serves  as  lead 
forum  faculty  member  for  the  Institute  for  Applied  Network  Security, 
which  has  hosted  a  number  of  forums  for  IDS  users. The  user  con¬ 
stituency  has  spent  enough  time  in  the  trenches  to  undet  stand  that  [sig¬ 
nature-based  intrusion-detection  systems]  are  not  sufficient” she  says. 
"I’ve  heard  a  lot  of  users  say  that  when  there’s  a  competitive  product 
available,  their  current  [IDS]  is  out  the  door.” 

Competitive  products  are  now  available,  and  a  lot  more  wiil  be  coming 
soon.  Bace,  who  is  involved  with  IntruVert  and  other  security  companies 
in  her  role  as  a  venture  capital  consultant  with  Trident  Capital, says  there 
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are  about  40  venture  capital-backed  start¬ 
ups  in  the  IDS  arena. 

A  new  IBS  tack 

While  companies  such  as  IntruVert, 
NFR.  OneSecure,  Recourse  and  Vsecure 
differ  in  their  exact  approach  to  the 
intrusion-detection  problem,  many  share 
similar  characteristics. They  are  easy  to 
deploy,  owing  to  their  appliance  form 
factor  and  their  ability  to  essentially  con¬ 
figure  themselves. 

Each  vendor  uses  anomaly-detection 
techniques  to  augment  or  replace  signa¬ 
tures.  Depending  on  the  product,  these 
techniques  might  let  the  devices  detect 
improper  use  of  communication  proto¬ 
cols,  attacks  meant  to  take  advantage  of 
vulnerabilities  in  specific  applications 
and  changes  in  traffic  patterns  that  might 
indicate  an  attack.  Some  vendors  claim  to 
be  able  to  thwart  distributed-denial-of-ser- 
vice  attacks  by  identifying  these  abnormal 
traffic  patterns. 

A  number  of  vendors  look  for  protocol 
anomalies,  which  include  packets  that  are 
too  long  or  contain 
the  wrong  data  type. 

The  IDSs  also  might 
look  for  state  tran¬ 
sitions,  or  tasks  per¬ 
formed  out  of 
sequence.  Most 
Internet  protocols 

have  well-defined  handshaking  routines 
that  take  place  before  or  while  data  is 
exchanged.  Intruders  might  try  to  deliber¬ 
ately  perform  certain  tasks  out  of 
sequence  in  an  attempt  to  exploit  a  vul¬ 
nerability  of  a  host  or  cause  a  buffer  over¬ 
flow,  letting  them  take  over  the  host. 

It’s  still  possible  that  an  IDS  trained  to 
look  for  protocol  anomalies  will  produce 
false  positives,  says  Fred  Kost,vice  presi¬ 
dent  of  marketing  and  product  develop¬ 
ment  for  Recourse,  which  was  acquired 
by  Symantec  last  month. 

“You  could  pick  up  something  that’s  a 
protocol  anomaly  but  it’s  not  malicious, 
like  maybe  an  old  mail  sever  application 
that  didn’t  implement  [Simple  Mail 
Transfer  Protocol]  correctly’  he  says.  Users 
will  identify  such  anomalies  soon  after 
installing  the  IDS  and  can  write  scripts  to 
filter  them  out. 

Some  of  the  new  IDSs  also  support  auto¬ 
mated  signature  updates,  where  signatures 
are  pushed  out  to  a  server  on  the  user’s 
site,  which  then  delivers  them  to  individ¬ 
ual  IDS  sensors.The  products  also  typical¬ 
ly  can  handle  higher  speeds  than  tradi¬ 
tional  IDSs,  particularly  Intru Vert’s  lntru- 
Shield,  which  can  monitor  up  to  2G  bit/ 
sec  of  traffic  in  full-duplex  mode,NFR’s 
Network  Intrusion  Detection  (NID)  and 
Recourses  Manhunt.  Finally,  if  users  en¬ 
able  the  feature,  devices  including  Intru- 
Shield,  NID  and  Vsecure’s  NetProtect  can 
stop  an  attack,  either  by  dropping  packets 
or  resetting  IP  connections. 

That  means  users  don’t  necessarily 
require  a  security  professional  to  be  on 
the  scene  at  all  times,  Krull  says,  which  is  a 
reality  in  many  companies.There’s  a  huge 
disparity  between  the  level  of  skills  and 


the  complexity  of  the  products,  especially 
with  an  [intrusion-detection  system]  prod¬ 
uct,”  he  says.“In  most  organizations,  the 
person  stuck  with  security  is  the  junior  sys¬ 
tems  administrator,  because  nobody  wants 
to  be  saddled  with  the  responsibility  of 
keeping  patches  up  to  date.” 

Protecting  Fishman 

Diskal’s  Meroz  confirms  Krull’s  assess¬ 
ment.  Since  early  April,  he’s  used  Net- 
Protect  in  production  mode  to  protect  a 
cluster  of  a  dozen  servers  that  Diskal  oper¬ 
ates  for  Fishman  Networks, an  Israeli  retail¬ 
er.  For  the  first  time,  he  can  use  an  IDS  to 


not  just  detect  an  attack,  but  prevent  one. 

He’s  watched  the  device  stop  various 
intrusion  attempts  and  packet  floods. 
“There  was  a  Trojan  worm  that  was  sup¬ 
posed  to  distribute  itself,  but  it  was  stopped 
at  the  [NetProtect]  box,”  he  says,  noting  the 
same  worm  got  by  an  antivirus  system  and 
firewall  on  a  different  network  segment. 

NetProtect  also  is  simpler  to  maintain 
than  the  three  previous  brands  of  firewalls 
with  which  Meroz  has  worked,  all  from 
leading  vendors.  Users  attach  the  device 
to  the  network  segment  they  want  to  pro¬ 
tect,  then  put  the  box  in  “learning”  mode 
for  a  couple  of  hours.  NetProtect  detects 
what  network  protocols  and  services  are 
running  and  assesses  what  constitutes 
normal  behavior. The  device  then  can  be 
switched  to  transparent  mode,  in  which  it 
will  show  the  types  of  attacks  that  are  tak¬ 
ing  place  and  the  steps  it  would  take  to 
block  them.  In  active  mode,  the  device 
actually  blocks  attacks,  by  dropping  pack¬ 
ets  or  resetting  connections. 

When  it  does  block  traffic,  it  does  so  only 
from  a  specific  IP  address  and  only  for  a 
few  seconds  or  minutes,  depending  on  the 
severity  of  the  attack,  Meroz  says.  Once  it 
lifts  the  block.it  continues  to  monitor  that 
address."That’s  a  very  important  feature  for 
us  because  many  of  our  clients  are  sitting 
behind  one  legal  IP  address  and  many 
attacks  use  IP  address  spoofing,”  he  says.  So 
when  an  attacker  is  using  a  legitimate 
user’s  IP  address,  traffic  is  only  disrupted 


for  a  short  time. 

NetProtect  doesn’t  use  signatures  at  all, 
which  eliminates  the  chore  of  installing 
signature  updates  and  tuning  the  device 
afterward.“Maintaining  this  system  takes 
us  about  one-fourth  of  the  time  it  took  us 
to  maintain  the  other  [IDS],” Meroz  says. 

Shielding  Cal  State 

Chris  DaSilva,  network  architect  and  engi¬ 
neer  for  California  State  University  at 
Hayward,  has  had  a  similar  experience  dur¬ 
ing  his  beta  test  of  Intru  Vert’s  IntruShield, 
which  began  in  late  March.  He  says 
IntruShield  installed  in  about  15  minutes, 


after  which  it  learns  about  its  network  sur¬ 
roundings  and  creates  a  baseline  for  traffic 
patterns  at  various  times  of  day  and  in  dif¬ 
ferent  network  segments.  IntruVert  also 
pushes  out  signature  updates  to  customers, 
and  provides  for  an  automated  update. 

That  was  a  big  step  up  for  DaSilva  from 
the  signature-based  IDS  the  university  had. 
Signatures  must  be  manually  downloaded 
from  the  vendor  and  installed  on  the  sen¬ 
sor.  But  his  bigger  gripe  was  that  updates 
were  issued  only  every  two  or  three 
months.“It’s  not  nearly  frequent  enough,”  to 
keep  up  with  new  attacks,  he  says. 

When  the  Code  Red  worm  hit,  DaSilva’s 
group  had  to  write  its  own  signature. The 
resulting  code  required  the  IDS  to  peer 
so  deep  into  packets  that  it  was  affecting 
throughput.  IntruShield,  by  contrast,  is 
optimized  for  speed,  he  says,  and  can 
examine  every  packet  in  depth  without 
affecting  performance. 

DaSilva  also  likes  the  reporting  capabili¬ 
ties  built  in  to  IntruShield,  noting  that 
many  other  IDSs  require  a  separate  report¬ 
ing  package.“lntruVert  gives  you  lots  of 
management-type  reports,  top  10  attackers 
and  such,”  he  says. 

That  makes  it  simple  to  determine  what 
new  rules  have  to  be  written  to  thwart 
attacks,  without  having  to  monitor  the 
device  all  day“That  can  be  quite  time-con¬ 
suming,”  he  says.“If  you  have  a  lot  of  these 
deployed,  it’s  a  full-time  job.” 

IntruVert  also  allows  for  distributed 


administration,  letting  different  administra¬ 
tors  monitor  the  portions  of  the  network 
for  which  they  are  responsible.  DaSilva 
says  that  feature  will  let  the  eight  adminis¬ 
trators  who  are  responsible  for  the  differ¬ 
ent  schools  and  administrative  offices 
within  the  university  each  monitor  their 
own  network  segments. 

DaSilva  says  he  also  likes  IntruShield’s 
ability  to  drop  packets  or  reset  connec¬ 
tions  on  its  own. “That’s  our  goal,  to  let  it 
drop  packets,”  DaSilva  says.“We  can  set 
what  we  want  to  be  sensitive  to  and  what 
we’re  comfortable  with,  and  let  it  fty? 

Palm's  manly  defense 

Matt  Archibald,  director  of  global  IT 
security  for  Palm  in  Santa  Clara,  needed  a 
tool  that  would  provide  a  high  level  of 
risk  management,  didn’t  require  a  lot  of 
staff  and  could  operate  at  near-gigabit 
speed.  He  opted  for  Manhunt  and  Man- 
trap  products  from  Recourse. 

Mantrap  is  essentially  a  honey- 
pot  intended  to  trap  intruders, 
while  Manhunt  is  an  IDS  that 
supports  protocol  anomaly 
detection  and  statistical  correla¬ 
tion  and  analysis.  It  can  support 
signatures,  including  those 
imported  from  other  IDSs.  Palm 
uses  both  products  to  detect 
internal  and  external  threats. 

“Manhunt  has  saved  our  butts 
already  with  some  of  the  newer 
viruses  propagating, Trojans  like 
Nimda  and  Code  Red,” Archi¬ 
bald  says.  Manhunt  caught  both  worms  at 
least  48  hours  before  other  security  ven¬ 
dors  alerted  Palm  to  them. 

Correlation  capabilities  in  Manhunt  let 
it  winnow  down  thousands  of  events  to 
maybe  a  couple  of  dozen  that  require 
further  investigation,  he  says.“So  you  real¬ 
ly  don’t  need  to  tune  anything  out,”  as 
with  traditional  IDSs.“There’s  far  less  to 
look  at.” 

Manhunt  also  is  able  to  keep  up  with 
Palm’s  high-speed  links,  most  notably  the 
T-3  lines  that  connect  headquarters  and 
data  centers,  and  the  Internet  connec¬ 
tions  for  Palm.net,  the  ISP  the  company 
operates  for  wireless  users. 

He  doesn’t  miss  having  to  keep  up  with 
signature  updates,  a  process  he  knows 
well  from  previous  stints  as  a  consultant. 
Deploying  new  signatures  meant  testing 
them  for  a  few  hours  first  in  a  staging 
area,  a  process  he  acknowledges  most 
users  probably  don’t  go  through.  He  says 
that  is  a  mistake,  even  with  the  new  auto¬ 
mated  update  features. 

“Never  assume  that  something  you  auto¬ 
mate  to  grab  code  for  you  is  doing  the 
right  thing,”  he  says.“You  need  to  validate 
that  you’re  not  opening  another  hole.”  A 
word  to  the  wise. 

Editor's  note:  NetScreen  announced  on 
Aug.  29  that  it  plans  to  buy  OneSecure  for 
about  $140  million  in  stock. 

Desmond  is  a  writer  and  editor  in 
Framingham,  Mass.,  who  serves  as  editor 
of  eSecurityPlanet.com.  He  can  reached  at 
paul@pdedit.  com. 


Intrusion  detection  and  prevention 

An  anomaly-based  IDS  can  detect  attacks  by  analyzing  traffic 
and  looking  for  suspicious  activity. 


0  Modify  firewall  policy. 
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Convergence  has  made  big 
inroads  in  enterprise  networks 
over  the  past  12  months,  and 
continues  to  gain  momentum  as  new 
network  equipment  is  installed  with 
Voice  over  IP  capabilities. 
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In  this  latest  SPECIAL  REPORT  - 
exclusively  from  Network  World 
Fusion  -  Steve  Taylor,  well-estab¬ 
lished  convergence  analyst  who 
co-authors  Network  World's 
Convergence  newsletter,  will  bring 
the  enterprise  user  up  to  date  on  the 
latest  news  and  analysis  in  the 
Convergence  field. 

Take  advantage  of  this  free  offer  from 
Network  World  Fusion  and  download  / 
your  copy  of  the  SPECIAL  REPORT: 
VoIP  Implementation:  Who's  Doing  It, 
and  Why  in  PDF  format  today. 
Download  this  SPECIAL  REPORT  at: 
http://www.nww1.com/go/ad328.html 
(registration  required) 


Steve  Taylor  is  presi¬ 
dent  of  Distributed 
Networking  Associates 
and  publisher  of 
Webtorials.com,  a  Web 
site  dedicated  exclu¬ 
sively  to  technology 
tutorials  in  the  broadband  packet 
areas  of  frame  relay,  ATM  and  IP.  Taylor 
also  is  a  columnist  for  Network  World 
and  co-author  of  Network  World's 
"Wide  Area  Networking"  and 
"Convergence"  newsletters.  Taylor  can 
be  reached  at  tavlor@webtorials.com. 
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Network  World  Fusion  offers 
a  SPECIAL  REPORT: 

VoIP  Implementation: 

Who's  Doing  It,  and  Why 

For  a  limited  time  you  can  get  a  copy  of  this  SPECIAL  REPORT 
in  PDF  format,  free.  Just  visit  Network  World  Fusion  at 
http://www.nvvw1.com/go/ad328.html  to  download 
your  free  copy  of  the  VoIP  Implementation:  Who's  Doing  It,  and 
Why  SPECIAL  REPORT  today!  (registration  required) 
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ADIRATI 

ADTRAN 

Hetlanta3200 

(800)  9ADTRAN  or  (256)  963-8000 

www.adtran.com 
Booth  #521 

The  NetVanta  3200  is  a  full-featured,  low- 
cost,  access  router  alternative.  It  offers 
businesses  of  all  sizes  voice  and  data  con¬ 
nectivity  and  Internet  access. This  router 
is  equipped  with  a  stateful  inspection 
firewall,  integrated  DSU/CSU,  familiar 
Command  Line  Interface,  optional  PBX 
port,  and  a  5-year  warranty  with  unlimited 
telephone  support. 


altiris* 

intuitive  >  manageability 

Altiris 

(801)  805-2400 
www.altiris.com 
Booth  #6234 

Altiris  offers  a  full  line  of  Web-enabled  solu¬ 
tions  that  empower  organizations  to  easily 
manage  desktops,  notebooks,  handhelds 
and  servers  throughout  the  IT  lifecycle. 
Altiris  provides  fully  integrated,  complete 
systems  management  solutions  including 
deployment  and  migration,  software  opera¬ 
tions  management,  inventory  and  asset 
management,  and  help  desk  management. 
Altiris'  core  technologies  greatly  reduce  the 
cost  and  complexity  of  owning  IT  resources. 


Networks 

AppDancer  Networks,  Inc. 

AppDancer/RV;  AppDancer/FA 

(770)  643-6800 

www.AppDancer.com 
Booth  #1251 

AppDancer  Networks  manufactures  new 
easy-to-use  application-centric  network 
monitoring  and  flow  analyzer  tools. 
AppDancer  products  monitor  critical  net¬ 
work  applications,  including  email,  web,  ftp, 
database,  and  VoIP,  and  create  unique  diag¬ 
nostic  views  of  client-server  conversations. 
Resolve  problems  quicker  and  enhance 
application  performance  with  AppDancer 
software.  The  future  is  now  at  AppDancer 
Networks! 


Avocent 


Avocent  Corporation 
AutoView  1 00 OR  and 200 OR 
(256) 430-4000 
www.avocent.com 
Booth  #635 

Avocent's  new  AutoViewlOOOR  and  2000R 
combine  analog  and  digital  KVM  OVER  IP™ 
switching  technology  all  in  one  switch  for 
total  control  of  any  server.  AVWorks  soft¬ 
ware  is  bundled  with  each  switch  at  no 
extra  charge,  providing  customers  with 
an  intuitive  interface  for  secure  click  and 
connect  access  to  any  server. 
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FOUNDRY 

NETWORKS 

Foundry  Networks 
Fastlron ®  Edge  Switch 

(408)  586-1700 
www.foundrynetworks.com 
Booth  #2435 

The  Fastlron®  Edge  Switch  series  of  intelli¬ 
gent  edge  products  provides  more  flexibility, 
greater  levels  of  security,  extensive  redun¬ 
dancy,  expanded  reliability,  and  increased 
resiliency  —  while  decreasing  the  network’s 
Total  Cost  of  Ownership  and  reducing  the 
cost  of  network  operation  and  network 
administration  training. 


Omnitron  Systems 
Technology,  Inc. 

Omnitron  Systems  Technology,  Inc. 

iConverter  Managed  Media  Converters 

(949)  250-6510 
www.omnitron-systems.com 
Booth  #750 

Omnitron  Systems  Technology,  Inc.  is  the 
premiere  source  for  fiber  media  conversion 
and  data  communications  hardware  for 
Enterprise  and  Metropolitan  network  appli¬ 
cations.  Omnitron  manufactures  managed 
and  unmanaged  media  and  fiber  converters, 
switches,  star-concentrators,  multiplexers, 
repeaters,  and  transceivers  for  10, 100, 
10/100  and  Gigabit  Ethernet,  ATM.T1/E1, 
RS-232,  Token  Ring  and  AS/400  networks. 
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Combining 
caching 
with  Web 
security 


Blue  Coat  Secu 
Gateway  800 


LU  BY  DAVID  NEWMAN,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

ast  month  CacheFlow  changed  its  name  to  Blue  Coat  Systems,  reflecting  a 
new  focus  on  policing  the  Web.  The  company’s  new  beat  cop  is  its  Security 
Gateway  800,  which  combines  proxy  caching  with  fine-grained  control  over 
Web,  Secure  Sockets  Layer  and  streaming  media  traffic.  The  SG800  handles  security 
tasks  that  firewalls  can’t, such  as  blocking  executable  objects,  viruses  and  other  unde¬ 
sirable  content  on  a  per-object  basis. 


The  new  product  also  enhances  CacheFlow’s  respectable 
caching  performance.  In  our  tests,  the  device  moved  traffic  at 
rates  of  1,200  transaction/sec,  with  no  performance  hit  when 
advanced  features  are  enabled. This  performance  and  its  ease 
of  use  made  it  worthy  of  our  World  Class  Award. 

Housed  in  a  1U  (1.75-inch)  rack-mountable  enclosure,  the 
SG800  we  tested  features  2G  bytes  of  RAM,  four  redundant 
68G-byte  SCSI  drives,  two  10/100M  bit/sec  Ethernet  interfaces 
and  a  copper  gigabit  Ethernet  interface. 

Setting  up  the  SG800  is  simply  a  matter  of  entering  four  para¬ 
meters  on  a  front-panel  LED.  Everything  afterward  can  be 
done  via  CacheFlow’s  well-known  intuitive  Web  interface. 

The  SG800  retains  the  same  caching  features  as  previous  ver¬ 
sions  of  the  vendors  custom  CacheOS  operating  system.  Chief 
among  these  is“prefetching”of  objects.If  users  often  visit  a  site 
where  pages  contain  a  large  number  of  images  or  other  embedded  objects,  the 
cache  will  “prefetch”  all  objects  so  they  can  be  served  from  the  cache. 

The  user  interface  now  includes  a  Visual  Pblicy  Manager  (VPM),  a  Java-based 
applet  with  a  look  and  feel  that  will  be  familiar  to  users  of  Check  Point  Software  or 
NetScreen  Technologies  firewalls. 

Where  VPM  differs  from  most  firewalls  is  in  its  much  finer  grained  control  over 
access  to  Web,  SSL  and  streaming  media  content.The  SG800  lets  users  screen  con¬ 
tent  based  on  HTML  content  type,  executable  content  type,  user’s  browser  type, 


More  online! 

Check  out  the  full  performance  results 
from  our  tests. 
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Net  Results 


Security  Gateway  800 


RATING 


Company:  Blue  Coat  Systems,  (408)  220-2200, 
www.bluecoatsystems.com  Cost:  $6,000  to  $30,000  (as  tested). 
Pros:  Fine-grained  access  control;  a  snap  to  use;  strong  performer. 
Cons:  Encryption  of  administrative  traffic  disabled  by  default. 


What's  the  score? 


Security  Gateway  800 


Features  30% 


Performance  30% 


Ease  of  use  20% 


Security  10% 


Price/value  10% 


TOTAL  SCORE 


Individual  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given 
each  category  in  determining  the  total  score.  ■  Scoring  Key:  5:  Exceptional  showing  in  this 
category.  Defines  the  standard  of  excellence.  4:  Very  good  showing.  Although  there  may  be  room 
for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  showing  in  this 
category.  Product  was  neither  especially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked 
some  features  or  lower  performance  than  other  products  or  than  expected.  1:  Consistently 
subpar,  or  lacking  features  being  reviewed. 


time  of  day  and  hundreds  of  other  parameters.  It’s  possible  to 
block  clients  using  Microsoft  Internet  Explorer  5.0  from 
requesting  a  group  of  URLs  containing  ActiveX  objects  during 
business  hours. 

VPM  is  equally  strong  when  it  comes  to  access  policies. 
Users  or  groups  can  be  allowed  or  denied  access  based 
on  individual  IP  addresses, subnets,  NT  LAN  Manager,  Remote 
Authentication  Dial-In  User  Service  or  Lightweight  Directory 
Access  Protocol  authentication. 

The  SG800  can  scan  for  viruses  and  objectionable  content 
through  use  of  third-party  plug-ins.  With  these  plug-ins,  the 
SG800  will  set  up  rules  to  deny  content  that  contains  known 
viruses  or  content  such  as  violence,  nudity,  hate  speech  or 
other  user-defined  policies. 


Security  concerns 

As  powerful  as  these  security  features  can  be,  we  are  concerned  with  the  prod¬ 
uct’s  remote  management.  While  the  SG800  supports  encrypted  access  via  SSL  or 
Secure  Shell  (SSH),  neither  of  these  services  is  enabled  by  default.  Instead,  the 
default  access  is  via  a  Web  browser  or  telnet.  As  a  result,  an  unauthorized  user 
could  intercept  passwords  or  management  commands. 

Similarly,  the  SG800  can  upload  its  logs  to  another  server,  but  the  transfer  method 
is  FTP  yet  another  unsecure  protocol. 

Unsecure  default  configurations  are 
problematic  in  any  device,  let  alone 
one  called  a  “security  gateway  Users 
are  well  advised  to  enable  SSH  and 
SSL  before  putting  the  SG800  into  pro¬ 
duction  networks. 


Speed  demon 

We  ran  several  benchmarks  to  eval¬ 
uate  the  SG800’s  performance  (see 
How  we  did  it,  page  62). We  measured 
basic  transaction  rate  and  transaction 
rates  with  logging  and  rule  sets 
enabled. 

To  get  a  sense  of  how  the  SG800 
would  handle  a  meaningful  produc¬ 
tion  load,  we  used  Web  Polygraph,  the 
open  source  tool  that  has  become  a 
de  facto  standard  for  measuring 
cache  performance. 

Polygraph’s  Polymix-4  traffic  load 
uses  a  blend  of  content  types,  object 
size  distributions,  object  popularity, 
object  freshness  and  cacheability. 
Polygraph  also  models  delays  and 
packet  loss  typically  added  by  WAN 
links. 

The  SG800  handled  a  peak  load  of 


Blue  Coat  SG800 
response  rates 

In  our  tests,  the  device  moved 
traffic  at  rates  of  1,200 
transactions  per  second,  with 
no  performance  hit  when 
advanced  features,  such  as 
logging,  were  enabled. 
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1,202  tran.saction/sec  in  our  tests,  and  it’s 
possible  that  the  device  could  go  even 
faster. The  !, 202-transaction/sec  rate  rep¬ 
resents  a  horsepower  limit  of  our  test  bed, 
and  not  necessarily  a  limit  of  the  SG800. 

We  conducted  our  initial  tests  with  ac¬ 
cess  logging  disabled.  Because  access 
logging  is  commonly  used  in  production 


settings,  we  ran  the  test  once  again  with 
logging  enabled. 

The  good  news  is  that  transaction  rates 
were  just  about  the  same:  Even  with  log¬ 
ging  turned  on,  the  SG800  moved  1,191 
transaction/sec. 

We  ran  the  same  test  with  10  access 
policies  defined  —  five  “allow”  rules  and 


five  “denies”  —  the  SG800  moved 
around  1 , 1 74  transaction/sec. 

One  cost  to  adding  logging  and  access 
rules  was  that  the  number  of  errors 
increased. 

In  our  baseline  test,  there  were  virtually 
no  errors.  With  logging  enabled,  there 
were  errors  on  about  3.5%  of  transac¬ 


Listening  to  customer  needs,  we  develop  products  that  are  flexible  and  scalable 
to  grow  and  evolve  with  today’s  SAN  and  LAN  environments.  No  other  company 
offers  products  as  easy-to-use  and  easy-to-implement. 


Take  a  test  drive. 

Remove  the  gridlock  from  your  network.  Test  drive  Finisar  Performance  Tools  at 
www.finisar.com/testdrive 


NetWortd+Interop/Comdex,  Atlanta  *  Storage  Decisions  2002,  Chicago  •  Gartner  IT,  Orlando 
'  r.AlN.’eiess,  las  Vegas  San  Diego,  San  Francisco,  Seattle,  Chicago,  Dallas,  Atlanta,  Boston  &  New  York 


Complete  SAN  LAN  performance  tools. 

Finisar  has  been  offering  its  customers  the  tools  necessary  to  increase  efficient 
network  operation  for  over  14  years.  Finisar’s  family  of  network  analysis  and 
performance  testing  products  ensure  optimum  performance  through  constant 
monitoring,  measuring  and  analysis;  locating  and  repairing  problems  before 
they  cause  an  impact. 


For  more  details: 


tions,  and  there  were  errors  on  about  7% 
of  transactions  with  logging  and  access 
rules  enabled. 

Most  errors  involved  transaction  time¬ 
outs,  but  in  all  cases  overall  response 
times  remained  fairly  even. 

The  SG800  offers  a  unique  combination 
with  its  fine-grained  access  control  and 
its  caching  features  that  help  network 
professionals  save  bandwidth  and  speed 
response  times. 

Newman  is  president  of  Network  Test  in 
Westlake  Village,  Calif.,  an  independent 
benchmarking  consultancy.  He  can  be 
reached  at  dnewman@networktest.com. 


■  How  we  did  it 


To  measure  cache  perfor¬ 
mance,  we  used  Web  Poly¬ 
graph,  an  open  source  HTTP 
generation  and  analysis  tool. 
Besides  the  Blue  Coat  Security 
Gateway,  our  test  bed  included 
three  pairs  of  Dell  Optiplex  GX100 
machines  with  256M  bytes  of  RAM 
running  FreeBSD  4.3  and  Web 
Polygraph  and  an  Extreme  Net¬ 
works  Summit  7i  switch  that  tied 
all  the  systems  together. 

We  used  the  Polymix-4  workload 
and  Release  2.7.6  of  the  Polygraph 
software.  We  used  the  default  para¬ 
meters  of  10  phases,  including  two 
peak  load  phases  during  which  we 
took  our  measurements.  We  also 
enabled  FreeBSD’s  Dummynet  fea¬ 
ture,  which  simulates  client-side 
WAN  latencies  of  40  msecs  per 
packet  and  a  0.05%  probability  of 
packet  loss  on  the  server  side.  We 
did  not  add  latency  or  packet  loss 
for  the  clients. 


■  Newman  is  a  member  of  the  Network 
World  Global  Test  Alliance,  a  cooperative  of 
the  premier  reviewers  in  the  network  in¬ 
dustry,  each  bringing  to  bear  years  of 
practical  experience  on  every  review.  For 
more  Test  Alliance  information,  including 
what  it  takes  to  become  a  member,  go  to 
www.nwfusion.com/alliance. 

Other  members:  Mandy  Andress, 
ArcSec;  John  Bass,  Centennial  Networking 
Labs,  North  Carolina  State  University;  Travis 
Berkley,  University  of  Kansas;  Bob  Currier, 
Duke  University;  Jeffrey  Fritz,  West  Virginia 
University;  James  Gaskin,  Gaskin  Computing 
Services.  Greg  Goddard,  University  of 
Florida;  Thomas  Henderson,  Extremelabs, 
Miercom;  Network  Consultancy  and  Product 
Test  Center;  Christine  Perey,  Perey 
Research  &  Consulting;  Barry  Nance,  inde¬ 
pendent  consultant;  Thomas  Powell,  PINT; 
Joel  Snyder,  Opus  One. 
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radware 


Radware 
(201)  512-9771 
www.radware.com 
Booth  #1755 

Radware's  Intelligent  Application  Switching 
(IAS)  solutions  bridge  the  gap  between 
networks  and  applications.  IAS  combines 
a  high-performance  ASIC  based  switch 
platform  and  an  intelligent  network  services 
software  architecture  to  create  a  suite  of 
purpose  built  products  that  provide  high 
availability,  high  performance,  maximum 
security,  and  total  control.  This  combination 
of  products,  intelligent  services  architec¬ 
ture,  and  high  performance  hardware 
makes  Radware’s  IAS  solutions  the  industry 
benchmark  in  performance,  scalability,  and 
throughput. 


i(|\ROSE 
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Rose  Electronics 

UltraUnk 

(800) 333-9343 
www.ROSE.com 
Booth  #1345 

UltraUnk  sets  a  new  standard  in  remote 
management  of  server  room  environments. 
The  UltraUnk  digitizes,  scales,  compresses, 
and  encrypts  the  remote  computer’s  video, 
and  packetizes  it  into  theTCP/IP  protocol. 
This  process  allows  you  to  access  remote 
computers  from  anywhere.  Call  Rose  to 
learn  more  about  KVM  Access  over  IP, 

KVM  Switches,  and  Extenders. 


raqia 

■  n  p  t  \a / 


networks,  inc. 

Raqia  Networks 

ReGXP2G  Regular  Expression  Coprocessor 

(617)  243-9400 

www.raqia.com 

Booth:  Start-up  City,  #554 

Silicon  Solutions  for  Content-Based 
Networks.  Raqia  Networks  offers  wire-rate 
Regular  Expression  text-processing  solu¬ 
tions  ideal  for  security-related  (IDS/Virus- 
scanning)  and  HTTP  header-parsing 
(Web-switching,  SLB)  applications.  The 
ReGXP  Regular  Expression  Coprocessor 
supports  rule  matching  anywhere  in  the 
packet  header  or  payload,  parsing  byte-by- 
byte,  both  anchored  and  unanchored 
regular  expressions  and  sub-expressions. 
Raqia’s  patented  ReGXP  is  the  leading  sili¬ 
con-based  Regular  Expression  Coprocessor. 
Please  see  our  ad  in  this  issue  of  Network 
World. 
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PowerStru>\ure 

APC 

PowerStruXure 

(800)  289-APCC  x2482 

www.apcc.com/go/promo/powerstruxure 
Booth  #943 

APC's  PowerStruXure  is  an  entirely  new 
approach  to  data  center  support  that  sim¬ 
plifies  the  design,  building  and  management 
of  physical  infrastructure  with  an  innova¬ 
tive,  fully  engineered  and  tested  system.  The 
three  initial  core  solutions  that  comprise 
PowerStruXure  are  a  modular,  scalable, 

N+1  redundant  uninterruptible  power  supply 
(UPS);  zoned,  intelligent  power  distribution; 
and  a  next  generation  rack  enclosure. 
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VBrick  Systems,  Inc. 

VBVoD  (Video-on-Demand) 

(203)  265-0044 

www.VBrick.com 
Booth  #723 

VBrick  Systems  manufactures  video  net¬ 
work  appliances  for  live  and  on-demand 
DVD  quality  streaming.  It  will  be  showcas¬ 
ing  its  new  low  cost  Video-on-Demand  sys¬ 
tem  at  N+l.  Designed  for  schools,  corpora¬ 
tions,  and  government  agencies  the  VBVoD 
complements  VBrick’s  real-time  MPEG 
encoders  and  decoders  for  distance  learn¬ 
ing,  training  and  surveillance  applications. 


Xterasys" 

Xterasys  Corporation 

SoGate 

(877)  Xterasys  or  (877)  983-7279 
www.xte  rasys.  co  m 
Booth  #917 

Xterasys,  a  global  provider  of  network  solu¬ 
tions,  is  focused  on  advancing  the  state  of 
the  art  in  digital  communications.  Xterasys 
currently  offers  Small  Office  solutions 
including  wired  and  wireless  LAN  and  WAN 
products.  More  information  on  Irvine, 
California  based  Xterasys  can  be  found  on 
the  World  Wide  Web  at  www.xterasys.com. 
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All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as 


possiBfe.  Network  World  is  not  liable  for  errone  or  omissions 


networks. 


Test  drive  netViz  6.0  Free  at 


.netviz.com 


PowerPoint  and  Vtsto  are  registered  trademarks  of  Microsoft  Corporation.  netViz  and  the  netViz  logo  are 


trademarks  of  netViz  Corporation. 


netViz  6.0 


"You  can  make  notes  in  a  PowerPoint 
presentation  and  put  words  on  a  Visio 
drawing,  but  you  are  limited  by  space  on 
the  page.  If  you  need  to  create 
professional-looking  network  diagrams  that 
also  contain  data,  check  out  netViz  Corporation's 
updated  netViz  3D." 

Network  Computing, 

September  18,  2000 


"If  you’re  trying  to  building  living  documentation, 
netViz  3D  is  the  answer...  Its  database  interface  is 
powerful  yet  simple  to  use. ..netViz  also  rises  above 
the  pack  thanks  to  its  Web  Publishing  capability..." 

Network  Computing, 
September  17,  2001 


"The  key  is  to  find  a  diagramming  software  product 
that  is  easy  to  use,  visually  interesting  and 
logically  organized.  In  a  crowded  field,  netViz  stands 
out  in  all  those  areas." 

Federal  Computer  Week, 
September  18,  2000 


We  could  say  that  netViz  is  great  for  documenti 

But  why  take  our  word  for  it? 


Reviewer's  Choice  -  Best  Overall  Documentation  Tool 
Government  Computer  News,  March  29,  1999 
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"An  Overall  Rating  Of  Excellent" 


•  •••• 

October  17,  2000 
netViz  3D 
netViz 


"The  program's  utility  is 
extraordinary." 

PC  Magazine, 
October  17,  2000 
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Strategies 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Storage  specialists 

Two  IT  executives  share  why  they  pursued  storage-area  certification  programs. 


■  BY  LINDA  LEUNG 

As  21st  Century  Insurance  built  its  client  base,  its  storage-area  net¬ 
work  soon  ballooned  to  15  terabytes  of  data.  The  Woodland  Hills, 
Calif., company  had  little  storage  expertise  in-house  and  relied  on  its 
main  storage  vendor,  EMC,  for  guidance.  But  two  years  ago,  the  com¬ 
pany  put  its  network  engineer  in  charge  of  the  day-to-day  running  of 
the  burgeoning  SAN  and  sent  him  to  train  in  the  technology 


Thanks  to  Thomas  Locke’s  storage  edu¬ 
cation  and  certifications,  he  reclaimed 
about  1.5  terabytes  of  misallocated  stor¬ 
age  within  the  first  six  months  of  manag¬ 
ing  the  SAN  and  has  played  an  active  role 
in  the  company’s  SAN  redesign.  Locke’s 
certifications  from  EMC  and  the  Storage 
Networking  Industry  Association  (SNIA) 
also  have  earned  him  a  promotion  to  net¬ 
work  specialist. 

“We  wanted  to  educate  ourselves  so  the 
company  would  not  be  so  vendor-reliant 
for  information  and  management,”  Locke 
says.Storage  vendors  have  touted  the  man¬ 
agement  benefits  of  their  products  for 
years,  and  IT  executives  want  to  cut  through 
the  hype  and  understand  how  the  technol¬ 
ogy  could  help  their  organizations.  Storage 
certification  could  be  the  answer. 

“There  is  a  significant  number  of  people 
starting  to  understand  that  storage  is  mov¬ 
ing  from  direct-attached  to  SAN.  But  direct- 
attached  still  controls  80%  of  the  market 
because  there  is  not  a  lot  of  knowledge 
about  SAN,”  says  Steve  Kenniston,  technol¬ 
ogy  analyst  at  Enterprise  Storage  Group. 

Ray  Dickensheets  wanted  to  educate  him¬ 
self  as  a  buyer.  A  senior  technical  analyst  for 
Sprint,  Dickensheets  says  his  SNIA  certifica¬ 
tion  “has  enhanced  my  knowledge  of  stor¬ 
age  technologies.  It  brings  a  higher  level  of 
credibility  and  confidence  in  the  technolo¬ 
gies  I  recommend.” 

Sprint  has  used  SANs  since  1999  for  Web 
hosting  and  has  been  expanding  the  infra¬ 
structure  since  it  began  managing  larger 
file  systems  and  databases  for  customers. 
Hitachi  storage  arrays,  Qlogic  SAN  switches 
and  several  brands  of  host  bus  adapters 
comprise  the  SAN. 

The  company  has  been  planning  a  migra¬ 
tion  from  1 -gigabit  SAN  technology  to  the 
newer  standard-compliant  2-gigabit  archi¬ 


tecture.  Dickensheets  says  the  knowledge 
he  gained  from  his  storage  education  has 
been  essential  in  evaluating  the  new  tech¬ 
nology 

For  Locke,  storage  education  helped  him 
rein  in  21st  Century’s  unwieldy  SAN.  Three 
years  ago,  the  firm  started  with  an  EMC- 
designed  environment  that  stored  10  ter¬ 
abytes  of  data,  and  added  more  host 


servers  to  support  new  applications.  But 
21st  Century  had  little  knowledge  of  how 
the  extra  data  could  be  installed  efficiently 
to  save  disk  space. 

By  the  end  of  the  first  year  of  installation, 
21st  Century  was  operating  three  EMC 
Symmetrix  disk  arrays.  The  infrastructure 
included  five  isolated  storage  network  fab¬ 
rics  running  different  Fibre  Channel  proto¬ 
cols.  Some  storage  was  connected  to  only 
one  fabric,  thus  stranding  valuable  space. 

Locke’s  first  task  upon  taking  responsi¬ 
bility  for  the  SAN  was  to  document  the 
entire  architecture  and  attend  training. 

Last  year,  the  company  decided  to  re¬ 
design  its  SAN.  Through  Locke’s  under¬ 
standing  of  efficient  SAN  designs,  21st 
Century  now  is  consolidating  its  storage  to 
fit  two  EMC  disk  arrays  instead  of  three,  plus 
implementing  a  fabric  design  that  taps 
high-availability  features. 


Scheduled  for  completion  in  October,  the 
redesigned  SAN  will  provide  redundant 
paths  for  critical  production  data.  Any  host 
on  the  SAN  can  be  assigned  to  any  storage, 
and  all  host  bus  adapters  will  use  the  Fibre 
Channel  protocol. 

Study  specifics 

The  SNIA  program  appealed  to  Dicken¬ 
sheets  because  it  is  vendor-neutral.  He  al¬ 
ready  holds  the  Professional  and  Prac¬ 
titioner  designations  and  is  preparing  for 
the  Specialist  exam. 

Dickensheets  set  aside  several  weeks  of 
intense  studying  for  the  tests  —  one  test 
for  each  certification  —  by  reading  vari¬ 
ous  books  about  the  technology  He  wants 
to  take  some  instructor-led  courses  for  his 
next  exam  because  of  the  need  for  hands- 
on  experience. 

Locke,  who  already  holds  Microsoft 
Certified  Systems  Engineer  and  MCSE  NT 
4.0  certifications,  first  turned  to  EMC  for 
education,  taking  some  of  its  instructor-led 
courses  and  reading  books. 

After  two  months  of  studying  and  prac¬ 
ticing  with  some  storage  switches  at  work, 
Locke  passed  the  exams  and  gained  the 
designation  EMC  Proven  Professional: 
Operator  at  the  Associate  level.  He  has  two 
more  tests  to  take  for  the  higher  Operator 
at  Master  level  certification. 

After  gaining  his  first  EMC  certification 
Locke  decided  to  study  for  the  SNIA  FC- 
SAN:  Professional  exam.  Like  Dickensheets, 
he  prepared  for  the  test  on  his  own,  but  rec¬ 
ommends  taking  instructor-led  courses. 

“The  SNIA  exam  was  pretty  tough,  even 
though  it  was  a  Level  1  test  —  it  was  pretty 
technical,”  Locke  says.  “I  would  put  the 
EMC  and  SNIA  exams  on  a  par.  It  is  diffi¬ 
cult  to  read  books  and  pass  without 
hands-on  training.” 

He  is  now  preparing  for  the  SNIA  FC- 
SAN:  Practitioner  level  exam  and  says  he 
hopes  to  take  some  classes  when  his 
schedule  allows. 

Locke  plans  to  continue  with  storage 
education  and  says  it  makes  him  more 
marketable.  Tve  always  been  engaged  in  a 
very  Microsoft-centric  world  and  now  that 
storage  crosses  all  platforms,  my  technical 
ability  has  crossed  to  Unix  and  main¬ 
frames.  It  gives  me  a  rounder  view  of  the 
industry’ he  says.  SB 


Storage  smarts 

Here’s  a  sampling  of  available  storage  certification  programs  to  consider. 


Adaptec 

Adaptec  Certified  Storage  Professionals  possess  in-depth 
knowledge  of  Adaptec  products,  server  I/O  technologies,  RAID 
theory  and  implementation,  and  troubleshooting  methods. 

Brocade 

The  Brocade  Certified  Fabric  Professional  validates  those  who 
can  install,  configure  and  troubleshoot  various  Brocade  products, 
while  Certified  SAN  Designers  have  a  detailed  understanding  of 
SAN  design  and  implementation. 

EMC 

The  EMC  Proven  Professional  Certification  Program  offers  four 
designations  —  EMC  Proven  Professional  Operator,  Builder, 
Architect  and  Instructor.  Each  track  also  provides  an  Associate 
level  and  Master  level. 

McData 

The  McData  Certified  Professional  designation  has  two  tracks: 
Storage  Network  Designer  and  the  soon-to-be  launched  Storage 
Network  Implementer.  Certification  holders  can  design  small  to 
midsize  storage  networks,  incorporating  any  or  all  of  McData’s 
products.  Higher-level  certifications  are  on  the  way. 

Sun  (created 
with  Veritas) 

Sun  Certified  Data  Management  Engineers  can  administer  disk  array 
storage  systems,  while  Sun  Certified  Backup  and  Recovery  Engineers 
are  knowledgeable  about  reliable  back-up  methodology,  data  restoration 
and  design  requirements.  Sun  Certified  Storage  Architects  specialize 
in  SAN  design,  implementation  and  troubleshooting. 

Storage 

Networking 

Industry 

Association 

Created  by  Infinity  I/O,  the  program  offers  Fibre  Channel  Storage 
Area  Network  certifications  in  three  levels:  Professional, 
Practitioner  and  Specialist.The  first  level  is  aimed  at  help  desk 
and  support  pros,  the  midlevel  is  for  those  who  already  work  with 
Fibre  Channel  and  SANs,  and  the  top  tier  is  aimed  at  engineers. 

yi rib!  on  m 
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FREE  CAS  booklet  at 


www.cyclades.com/nw 

1-888-CYCLADES  1-888-292-5233 
510-770-9727 
sales@cyclades.com 
Fremont,  CA 


CYCIADES 
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The  Cydades-TS  Series  of  Console  Access  Servers  provides  the  highest  port  density  and  security 
at  a  very  competitive  price.  By  using  Linux  as  the  embedded  OS,  it  offers  the  flexibility 
required  to  manage  our  dynamic  environment.  The  Cydades-TS  is  a  key  element  to  help 
us  keep  our  servers  up  and  running."  -  Pete  Kumler,  Manager  of  Site  Operations,  Yahoo!  Inc. 


Cydades-TS  Series 

Console  Access  Server 

1/4/8/16/32/48  RS-232  poi 
First  Linux-based  Terminal 


Linux,  FreeBSD,  Sun,  HR 


LINUX 


©2002  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  of  thier  respective  owners.  Product  information  subject  to  change  without  notice. 


MANAGE  YOUR  SERVERS  OVER  IP 

FROM  ANYWHERE 


Z-l 


UltraLink  sets  a  new  standard  in  remote  management  of  server 
room  environments.  It  saves  you  money  by  allowing  you  to  centralize 
your  IT  resources.  Since  it  does  not  depend  upon  software  loaded 
on  your  computers,  it  deploys  easily  and  works  on  any  operating 
system,  such  as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 

The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video 
and  sends  back  keyboard  and  mouse  data.  This  process  allow  you 
to  access  remote  computers  from  anywhere. 

Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its 
technically  superior  and  price  competitive  products. 

Join  the  ranks  of  many  successful  companies  using  UltraLink,  call 
Rose  to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM 
Switches,  Extenders,  and  Data  Switches. 


UltraLink 


KVM  SWITCHES 


LOW  COST  SINGLE  USER 
Vista™ 

Low  cost  single  user 
KVM  switch  supports 
up  to  64  computers 


PROFESSIONAL  SINGLE  USER 
Ultra  View  Pro™ 

Professional  single  user 
KVM  switch  supports  up 
to  256  computers 


MULTI-USER  FIXED  CHASSIS 

UltraMatrix™  E-series 
Professional  multi-user  KVM  switch 
2  -  4  KVM  stations  to  1 ,000  computers 

N 
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MULTI-USER  EXPANDABLE 

UltraMatrix™  X-series 

Enterprise  class  multi-user  KVM  switch 
4  -  250  KVM  stations  to  1 ,000  computers 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +61 7  3427  5353 


UP 

1 

ROSE  I 

Connects  to  standalone  computers  or  any  KVM  switch 

High  quality  16-bit  video  at  up  to  1280x1024  resolution 

Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer  program, 
no  user  license  required 

Encrypted  communication  for  highly  secure  operation 
Scaling  and  scrolling  features  for  maximum  flexibility 
Single  mouse  cursor  simplifies  user  interface 
See  four  servers  from  one  screen  with  quad  screen  mode 
Lifetime  free  flash  upgrades 


KVM  EXTENDERS 


KVM  ACCESSORIES 


KVM  EXTENDER-COAX 
ViewLink™ 

Extends  KVMs  up  to  250  feet  away 
using  coax  cable 


KVM  RACK  DRAWER 

RackView™ 

1U  or  2U  rack  mountable  KVM  drawer 
17”  or  15"  LCD  video  monitors 
Optional  up  to  4x16  KVM  switch  option 
Kits  available  for  single  or  multiple  users 


KVM  EXTENDER-FIBER 
CrystalView  Fiber™ 

Extends  KVM  workstation 
up  to  30,000  feet  away 
Eliminates  EMI/RFI 
Supports  PC,  Sun,  and  USB 


KVM  SHARING 

Multistation™ 

Up  to  four  KVMs  to  one 
computer  allows  fully  automatic 
KVM  sharing 


CLA/TVItW 


KVM  EXTENDER-CAT  5 

CrystalView™ 

Extends  your  KVM  station 
up  to  1 ,000  feet  away  from  your 
computer  using  a  CAT-5  cable 
Now  available  with  Audio 
Supports  PC,  Sun,  and  Serial 


CLASSROOM  KVM  SWITCH 

ClassView™ 

Instructor  has  total  control 
over  classroom  of  up  to  255  students 
Instructor  can  access  the  students'  computers 
Keyboard  controlled,  easy  to  use 
Bus  connection  simplifies  installation 
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KVM  EXTENDER-CAT  5 
CrystalView  Mini  ™ 

Extends  KVM  workstation 
up  to  150  feet  away 
Single  and  dual  versions 


VIDEO  DISTRIBUTION 

VideoSplitter™ 

Splits  video  from  one  or  two 
computers  to  multiple  monitors 


Jf.ROSE 

ELECTRONICS 


Rose  Electronics  •  10707  Stancliff  Road  ■  Houston,  TX  77099 


ace 


Available  in  single  and  eight  channel  versions 


www.digitaiv6.com 


Resellers  and  Distributors  Welcome 


CONTROL  KEYBOARD  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 

With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 


ALfTOMATICALLY  MONITOR  SERVH3  ACTIVITY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 


a  u  e  m  a  n 

COMPLETE  KVM  CONTROL  VIA  TCP/IP 


ACCESS  SERVERS  USING  A  WEB  BROW5ER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 

REMOTELY  CONTROL  POWB3 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


SharkRack™ 
Systems  are  the 
leading  racking 
solution  for  multi¬ 
vendor  configura¬ 
tions.  We  rack 
Sun™,  Cisco™, 
Compaq™,  HP™ 
and  almost  any 
19”  El  A  standard 
unit.  Our  current 
Sun™  rack-mount 
kits  include: 


SHARK 


The  SharkRack  LCD  monitor  and 
keyboard  has  TFT  quality  video 
imaging  on  a  sliding  tray  that  is 
only  1.75”  high. 


SunFire™  3800 

4800  series 

servers 

E3500,  E4500 

A5000 

T-3 

Many  more, 
see  web  site 
for  details 


The  NetBotz™  RackBotz  unit 
installs  in  a  cabinet  and  monitors 
internal  conditions.  If  a  problem 
occurs,  it  will  send  out  an  alert  by 
email,  pager,  or  other  device. 
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t^ack: ..Inc  ShaikRack is  ^Trademark  of  SharkRack  Inc  AB  rights  reserved  NetBotz  is  a  trademark  of  RackBotz  Inc  HP  is  a  trademark  of  Hewlett  Packard.  Inc  Compaq  is 
Suojs’a  iradefna(k  cil  Sun  Microsystems.  Inc  Cisco  is  a  trademark  of  Cisco  Systems.  Inc  AB  other  trademarks  are  the  property  of  their  respective  holders 


Wondering  How  To  Get  More 
Out  Of  Your  Data  Center? 


Try  SharkRacks™.  Our  rack-mount  units  will 
safely  house  virtually  any  19”  EIA  standard  unit. 
Have  Suns?  No  problem.  What  about  Cisco  gear, 
or  Compaq,  or  HP  servers?  Sure.  We  can  rack 
that.  With  SharkRack  you  get  a  great  looking 
cabinet.  Our  space  savings  and  cabling  features 
will  organize  your  systems.  Most  importantly,  with 
our  NetBotz  unit  watching  over  your  systems, 
you’ll  always  know  what’s  going  on.  Call  us  today 
or  log  on  for  more  details  to  see  how  we  can  help 
you  save  space,  keep  cool,  and  look  good. 

877-427-5722 
wuiv.sharkrack.com 
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-1000 


Firewall  Appliance 


New  kid  on  the  block? 

Hardly... 

The  GB-1000  Firewall/VPN  appliance  is  powered  by  the  GNAT  Box 
System  software  -  the  original,  small  footprint,  high  performance 
firewall  system  first  introduced  in  1996.  The  GB-1000  is  deployed 
worldwide  by  organizations  that  desire  rock-solid  operation  and  the  best 
price/performance  ratio  on  the  market  today. 


GTA  has  10  years  experience  in  developing  quality  software.  Since  1994, 
GTA  has  been  producing  solid,  dependable,  ICS  A  certified 
firewalls,  with  a  powerful  feature  set  at  an  affordable  price. 


The  GB-1000  standard  configuration  includes  4  built-in  10/100  NICs. 
Expansion  options  allow  the  addition  of  up  to  4  more  NICs,  including 
Gigabit.  Each  NIC  is  fully  addressable,  allowing  flexible  configuration 


The  GB-1000  has  an  unlimited  user  license  and  supports  128,000 
concurrent  connections.  Our  powerful  dynamic  network  address 
translation  technology  and  stateful  packet  inspection  engine  provide  all 
users  with  transparent  Internet  access  and  proven  network  security. 


The  GB-1000  has  many  standard  features  including  IPSec  VPN,  DNS 
server,  failover  routing  and  DHCP  services.  Optional  features  such  as 
high  availability  and  24x7  support  are  also  available. 


Visit  our  web  site,  email  or  call  for  more  information. 

Global  Technology  Associates,  Inc. 

1-800-775-4GTA  •  www.gta.com  •  info@gta.com 


CERTIFIED 
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Great  Room  Service 


Evans  brings  together  the  finest  in  control  center 


design  services,  consoles,  audiovisual  solutions  and 


specialty  products  to  guarantee  a  complete,  integrated 


and  customer-focused  solution. 


With  over  4,500  successful  projects,  Evans  is  the  world¬ 
wide  leader  in  control  centers. 


phone: (403)  291-4444 

web:  www.evansonline.com  _ 

wr^  1 — \  /  A  rv  IC 

-  FIRST. 

fax:  (403)  250-6549 

email:  info@evansonline.com  * 

Remote  Console  Management  Solutions 


Access  Serial  Console  Ports...  from  Anywhere! 


OUT-OF-BAND  +  TELNET 


■  Multi-Session  Telnet 

■  8, 16  or  32  Port  Models 

■  Non-Connect  Port  Buffering 

■  AC  and  -48VDC  Power  Options 


OUT-OF-BAND  +  MODEM 


■  Internal  33.6  Kbps  Modem 

■  Seven  DB-9  Serial  Ports 

■  Any-to-Any  Port  Switching 

■  Co-Location  Password  Features 


OUT-OF-BAND 


■  4,  8  or  16  Port  Models 

■  Port  Specific  Passwords 

■  Safe  “Break”  Features 

■  Datarate/Flow  Control  Conversion 


WTI's  family  of  remote  site  management  products  allows  network  administrators  to  manage  network  elements  located  anywhere.  WTI  designs  and  manufactures  in- 
band  and  out-of-band  console  and  terminal  switches,  remote  reboot  and  power  management  solutions,  rack  mounted  modems  and  automated  A/B  Fallback  Switches. 


www.wti.com 


Features  included  in  all  Console  Switches 

(800)  854-7226 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  9  2  6  1  8  -  2  5  1  7 


Keeping  the  Net.. .Working! 


Eliminate  Dangerous 
Hot  Spots  in  Your  Racks 


Introducing  APC's  New  NetworkAIR™  RM  Air  Distribution  Unit 


Benefits  of  APC's  Air  Distribution  Unit: 


As  heat  densities  continue  to  grow  at  an  alarming  rate,  the  traditional 
methods  of  distributing  air  in  a  computer  room  aren't  adequate  to  deliver 
the  necessary  airflow  required  to  cool  today's  data  center  environments. 


APC  presents  the  NetworkAIR™  RM  Air  Distribution  Unit,  a  compact 
2U  rack-mounted  fan  unit  that  works  with  an  existing  precision  air 
conditioning  system  to  deliver  cool  air  to  the  equipment  contained  in 
a  rack  enclosure.  An  air  curtain  is  evenly  distributed  to  the  front  of  the 
enclosure  which  provides  consistent  temperatures  from  top  to  bottom. 


Visit  www.apc.com  to  see  APC's  complete  line  of  award-winning  power 
and  cooling  solutions. 


•  Increases  airflow  to  rack  equipment 


•  Works  in  both  raised  floor  and  non-raised  floor  environments 


•  Compact  2U  design 


•  Minimizes  air  mixing 


•  Helps  maintain  optimal  environment  for  high  reliability 


•  Improves  air  quality  through  30%  efficient  air  filtration 

(as  per  the  ASHRAE  52.1-1992  standard) 


•  Evenly  distributes  cool  air,  improving  air  circulation 
inside  the  rack 

•  Ensures  maximum  uptime  with  redundant,  dual,  independ¬ 
ently  controlled  blower  fans  and  A-B  power  input  feeds 

•  Fits  APC's  NetShelter®  VX  enclosure  or  other  19" 
EIA-310-D  enclosures  with  removable  bottom  plates 


The  compact  (2U)  Air 
Distribution  Unit  installs 
at  the  bottom  of  the  enclosure  and  sup¬ 
plies  an  air  curtain  to  the  intakes  of  equip¬ 
ment  located  within  the  enclosure,  evenly 
distributing  cool  conditioned  air  throughout. 
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Visit  APC  at  N+l  booth 


#943 


Legendary  Reliability  ' 


Enter  to  WIN  a  FREE  NetworkAIR™  RM  Air  Distribution  Unit 

Visit  APC’S  Web  site  at:  http://promO.apC.  com  Enter  Key  Cede  g477y  Call  888-289-APCC  x6476  Fa*  401  -788-2797 


©2002  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  NA2A2BRUSa 
PowerFax:  (800)  347-FAXX  •  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA 


Your 


NEW 

LOWER 

PRItFQ! 


network  costs  a  fortune... 

...protecting  it  doesn't  have  to. 

Global  LAN  Furniture 
protects  your  equipment 
for  a  lot  less  money. 


Our  heavy-duty  LAN  Furniture  is  built  to 
last  with  steel-reinforced,  triple-leg  support 
and  lateral  braces.  Built-in  cable  management 
system  hides  unsightly  wires  and  organizes 
and  separates  cables.  Deep  30"  work 
surface,  adjustable  shelves  and  sturdy  server 
shelf  allow  for  easy  integration  of  all  your 
network  equipment,  providing  a  complete 
storage  solution.  Our  96",  72",  48"  and  24" 
wide  units  combine  with  additional  shelves, 
keyboard  drawers  and  casters  for  unmatched 
flexibility  to  meet  your  changing  needs. 


24"  Workstation 

$299 

Stk.  #  C20803 


SAVE  A  TON  OF  MONEY 
ON  YOUR  NEXT 
MEDIA  PURCHASE! 
Check  out  our  prices  today! 


CALL  1 -8OO-8-GLOBAL 

or  visit  us  online  for  the  LAN  solution  that  is  right  for  you. 

www.globalcomputer.com/go/mag/lan  Ref  #nw7/02 


72"  Workstation 

$799 

Stk.  #  C95033 


Keyboard  drawers 
and  casters  sold 
separately. 


<WELOBAL 


COMPUTER  a  Systems? 


company 


There  is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


r  'iprvpr  Expert  Observer 

L  5Stver  Observer  Suite 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 
Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 


INSTRUMENTS 


998 


* 2895 


* 3995 


©2002  Network  Instruments.  LLC.  Observer,  “Network  Instruments”  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


“POWER 
RESTORED ... 
Everything  is  Okay  ” 

1  —THE  IMS-4000 

On  the  back  nine, 
John  knows 
his  servers  are 
safe  and  secure. 


www.inTs  4000.C(?m 


Get  More  Computers  in  Less  Space 

in  10  Days  or  Less 

Now  you  can  stack  computers  3  levels  up  to  7  feet 
high.  With  cable  channels  at  each  level. 

We'll  design  maximum  flexibility  into  your  available 
space.  Tell  us  what  space  and  what  equipment, 
and  we’ll  give  you  a  3-D  PLAN  AT  NO  CHARGE! 

Choose  the  award-winning  ISO  9001  system  from 
Europe  or  a  typical  North  American  workhorse. 

You  can  receive  your  order  in 
5-7  business  days. 


wm—mmimmm 

G.S.A.  GS29F269H 

I.S.O.  9001  CERTIFIED 

the  salix  group  •  1-800-668-9319  ext.  201  •  www.salixgroup.com 
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Ultra  Thin  1U  Cabinet  Console 

An  Integrated  Keyboard,  Monitor  and  Touchpad  Solution 


Key  Features 

•  Rack  mount'  is  only  III  of  cabiact  apace 

•  Fold  Dunn  15"  TFT  LCD  Monitor 

•  Bnilt-la  Touch  Pad  Moik  A  Numeric  Kc>  Pad 

•  KVM  Modules  caa  be  iatcj; rated  in  Ike 
same  II)  'pace 

•  Locking  Mechanism  secures  when  in  ase 


To  find  out  more  about  StarTech.com’s  complete 
Server  Room  solutions  including  the  IU  Cabinet 
Console,  and  to  get  your  FREE  T-SHIRT*, 
visit  www.stnrtech.com/NW92 

Conact  SlarTcch.com  by  phone  at 

I -866-ST ARTECH  |l-*66-7*2-7832| 
or  online  at  www.slartech.com 


Console  Ports  Over  Telnet! 


Access  Network  Serial  Console  Ports. . .  Froo^jjgwhere! 


✓  Sixteen  (16)  RS232  DB9  Serial  Ports 

✓  lOBase-T  Ethernet  Port 

✓  TCP/IP  Security  Features 

✓  Port-Specific  Password  Protection 

✓  Co-location  Features 

✓  AC  and  48V  DC  Powered  Models 


AC  Of  Afiv 


Ethernet  Interface 


DC  Power 


.M  Kp'h 


Mi'ur  k-' 


Ports 


The  CMS-16  Console  Management  Switch  provides  secure, 

in-band  and/or  out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers,  and  other  network  equipment.  System  administrators  can  access  remote  devices 
in  order  to  change  configuration  parameters,  connect  users  to  restricted  ports,  collect  buffered 
data,  and  perform  a  variety  of  other  control  related  functions. 


(800)  854*7226  •  www.wti.com 

5  Sterling  *  Irvine,  CA  92618  «  Fax:  (949)  583-9514 
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YOUR  JOB  JUST  COT  EASIER! 

Sensaphone  IMS-4000  is  the  premier  scalable  infrastructure  monitoring  system  by  Phonetics,  Inc. 

The  IMS-4000  allows  you  to  MONITOR  critical  IP  devices  and  environmental  conditions  in  real  time. 

It  will  NOTIFY  you  instantly  via  voice,  pager,  e-mail,  SNMP,  or  fax  messages. 

With  the  IMS-4000  you  can  CONTROL  power  to  your  equipment  with  your  telephone,  or  automatically. 
Wth  IMS-4000  you  can  sleep  at  night,  because  it's  on  guard.  .  .  watching  your  world. 


Find  out  why  IT 
professionals  just  like  you 
are  excited  about  the  IMS- 
4000. 

See  it  online  at: 
www.ims-4000.com 
or  call  Toll-free 

1-877  894  2120 


NWW9/02 

SENSAPHONE,  INC.  901  Tryens  Road  •  Aston,  PA  1 901 4  Sensaphone  and  IMS-4000  are  trademarks  of  Phonetics.  Inc 


IMS-4000  CIVES  YOU... 

>  Timely  information  about  events 

>  Early  notification  of  computer  trouble 

*  Inexpensive  alternative  to  additional  staffing 

*  Proven  technology  and  performance 

*  Accountability  through  data  collection 

»  Reduced  downtime  through  increased 
supervision  and  fault  notification 


SENSAPHONE* 

IMS-4000 


www.salixgroup.com 

COMPUTER 

SECURITY 

“Be  careful  out  there" 


Custom  fire  “rooms” 
and  “vaults”  available 


OATA  SAFE 


Store  diskettes,  tapes  and  cartridges  - 
in  a  DATA  SAFE 

Store  paper  documents  and  computer 
media  in  the  new  mixed  media  safes 
and  files 


MIXED 
MEDIA  FILE 

For  paper  and 
computer  media 


Both  units  protect  valuable  records 
from  fire,  water,  smoke,  humidity, 
sunlight,  vandalism  and  theft 

Units  are  available  in  various  sizes 


NWW9/02 


THE  SALIX  GROUP  1-800-668-9319  ext.  201 


(please  turn  over) 


Place 

Stamp 

Here 
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5  Sterling 

Irvine,  California  92618-2517 


What  does  the  Cabinet  Console  Do? 


StarTech. corn’s  1U  cabinet  is  a  unique  product  designed  for 
server  cabinets  where  space  is  at  a  premium.  It  combines  a 
15.1"  TFT  monitor  display,  keyboard  and  touchpad  in  one 
unit  that  requires  only  111  of  cabinet  space. 


The  111  drawer  pulls  out  and  the  display  folds  up  like  a 
notebook  computer  for  comfortable  operation. 

When  not  in  use,  the  display  folds  down  and 
pushes  into  the  cabinet,  requiring  only  1 U  of  space. 


Works  with  virtually  any  KVM  switch  for  full  integration  into  your  existing 
equipment,  or  optional  KVM  switch  modules  can  be  added  behind  the  cabinet 
console  in  the  same  1 U,  without  taking  up  any  more  precious  cabinet  space. 

««««,  StarTedi.com 


Request  more  information 
and  receive  a  FREE 
Ace  Techman  T-Shirt  at: 

•fcrst  W  requests  w«#  receive  a  t-sbirt 


* 


www.startech.com/NW92 


Reading  someone  else’s 
copy  of  Network  World? 

Apply  for  your  own 
Free  subscription  today. 


Imcropprwtcw  ^  V«rtSjjt»  i 


I  Put  to  the  test 
0- 


1 

nno'n  Sip" 


_ 


Free  subscription 

(51  Issues) 

To  apply  online  go  to 

subscribenw.com/b02 


subscribenw.com/  b02 

Apply  for  your 

free 

subscription  today! 

(A  $255  value  -  yours  free) 


The  Hub  of  the  Hetwork  Buy 


All  Brand  Software,  Inc.  study  guides,  practice  tests,  and/or  materials  is  not  sponsored  by.  endorsed  by  or  affiliated 
J  with  ISC2  SANS.  Cisco  Systems,  Inc.,  ProSofl,  loc..  Check  Point,  Inc.,  Citrlx,  Inc.,  Microsoft,  Inc.,  or  any  other  company. 
^  Boson.  Boson  Software.  Boson  Tramng,  Router  University,  Routed).  Router  Emulator,  RouterEMU  .  RoulerSim.  Krang. 
OuizWare,  Network  Emulator  Network  Simulator,  boson.com,  Boson  Router  Simulator,  and  Router  Simulator,  are 


Trademarks  or  Registered  Trademarks  of  Boson  Software.  Inc  in  the  United  States  and  certain  other  countries. 
Al  other  trademarks  are  trademarks  ot  their  respective  owners.  Copyright  2002  Boson  Software,  Inc 


KVM  Access 

Over 

Web  Browser 


2001 
KVM  Access 
over  IP 


If  having  remote  access  to 
your  servers  over  IP  means 
installing  proprietary  software 
or  PCI  cards,  that's  not 
convenient,  anywhere,  anytime 
access.  Introducing  the  new, 
multi-port  TeleReach®. 


1999 
KVM  Access 
over  Cat5 


TeleReach  is  the  easiest,  most 
secure  way  for  one  or  more 
users  to  remotely  access  and 
manage  multiple  servers 
through  a  KVM  switch,  from 
any  PC  running  the  Internet 
Explorer®  4.0  browser. 


To  see  and  feel  the  power  of 
remote  KVM  access  over  Web 
browser,  call  Raritan  Sales  at 
(800)  724-8090  to  sign  up 
for  a  live  demo  from  your 
own  desktop. 


registered  t r{ 


1988 
KVM  Access 
over  Coax 


/.raritan.cor 

\ 

8  OP -7 24 -8090 
732-764-8886 


/[/  /f\  j  732-764-8886 

/ t  \  |  ~ 

Intelligent  KVM  Switch  Technology 

'  I  '\ 

pt  Raritan  Computer tne.-Micros4<»  InftemeT  Explorer  is  a  registered  V^demark  ot  the  Microsoft  C  arporsUuo 


The  Hub  of  the  Hetwork  Buy 
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RECORD  AND 
STORE 


STREAM  AND 
TRANSFER 


PLAYBACK 


•/-  >  / 


Anywhere,  Anytime,  Any  Network! 


VBrick 

systems,  inc. 

1  -(866)  VBRICK- 1  (866-827-4251) 


VBSTAR  is  a  revolutionary  new  video  product  from  VBrick 
Systems!  It  streams  live  MPEG-2  video  over  IP,  records  it  to  an 
internal  hard  drive,  sends  it  over  the  Internet,  and  plays  it  back 
anywhere,  anytime. 

www.vbrick.com/vbstar.asp 


mv 


SilentRunner  is  the  lens  into 
your  network  providing  the 
only  network  security  solution 
that  applies  state-of-the-art 
analysis,  correlation  and 
3-D  visualization  software  to  network  security 
analysis  -  exposing  threats  and  abuses 
that  just  can't  be  seen  with  standard 
security  technologies. 


For  your  free  Technical  White  Paper, 
visit  www.silentrunner.com 

or  call  800.842.2366  today. 


SilentRunner * 

A  Raytheon  Company 


TM 


AppDancer  /  FA 

-*■  -*■  Network  Flow  Analyzer 

•  An  Easy-To-Use  Network  Viewing  Tool 

•  Email  •  Database  •VoIP  *Web 

•  Identifies  Problems  Causing  Slow  Downs 

•  Monitors  Applications,  Network  Devices, 
and  Network  Traffic 

•  Affordable  I  k  M  Ll 


Free  Download . 

InwAppOancercom 


BEST  OF  INTEROP 

NETW'RLDINTEROP 

O 

,cmp„.  RiTprtSn,  IFORMXTIOIWEEK  EE  TIMES 


Call  Toll  Free 
800.825.7563 


Dancer 

k  & 


AppDancer  Networks,  Inc. 

1000  Holcomb  Woods  Parkway 
Suite  426 

Roswell,  GA  30076-2585  USA 

email  info@AppDancer.com 

telephone  770.643.6800  USA 

web  www.AppDancer.com 


Dial  Access  Solutions 


an  Avocent  Company 


PCI  Multi-modem  Adapters 


Provide  4  or  8  V.90/V.34  data  and  fax  modems 
in  one  easily-installed  easily-configured  adapter. 


4  and  8-port  adapters 


Scalable  to  32  ports  per  server 


Lowest  CPU  utilization 


Installs  in  minutes 


Requires  no  interrupts 


Compare  for  yourself! 

Dial  Access  at  its  best! 


Equinox  Multi-modem  Adapters 


Fax  server 
Dial  access 
Data  collection 
Modem  pooling 
Internet  access 


provide  up  to  44%  savings  over  the 


leading  competitors  of  similar  products 


fry  before  you  buy! 


Call  1  -800-275-3500,  ext.  615 
for  a  FREE  30-day  evaluation! 
or  email:  sales@equinox.com 


For  more  infomation  on  Equinox  products  visit  our  website  at  -  www.equinox.com 


Install  the  new  Sentry  Power  Tower  in 
your  data  center,  NOC  or  co-lo  facility 
and  gain  the  advantage  of  remotely 
rebooting  up  to  16  of  your  equipment 
units  -  without  occupying  any  space  in 
your  rack  or  enclosed  cabinet. 

t  Try  the  New  Sentry  Power  Tower  in  your 
rack  or  cabinet  and  realize  the  benefits 
of  intelligent  Power  Distribution  and 
Remote  Power  Management. 

See  our  complete  product  line  at  www  ss-r-/ertechxom 
or  call  800.835.1515  or  775.284.2000 


S'.:.-/  '■!-:/ 


Another  grvut  ffmlvc!  from 

Server  Technology,  Inc. 


Technology,  Inc.  Sentry  i; 


k  of  Server  Technology,  Inc. 


16  remotely  addressable  power  outlets  — 
The  highest  density  available  of  any 
Remote  Power  Management  vertical  strip. 

30-amp  power  input  feed  distributed 
across  16  outlets. 

Mounts  vertically  in  your  equipment  rack  or 
cabinet  and  requires  Zero  U  of  rack  space. 

Load  Sense  provides  real-time  current 
monitoring  in  the  remote  screen  interface 
and  through  a  built-in  LED  display  for  on¬ 
site  measurement. 

Power-up  sequencing  of  all  16  outlets 
prevents  an  in-rush  current  overload. 

Telnet,  SNMP,  Modem  or  RS-232  interfaces  for  easy, 
practical  and  secure  power  management  of  remote 
internetworking  equipment. 


3ft 

3U 


Campus  Mesh 
Point-to-multipoint 
Building-to-building 
Backbone 


$  UUIUI  I 


Custom  Storage 
Solutions 


to  meet  YOUR  needs! 


With  10  years  of  experience  as  custom  designed  provider  of 
Network  Attached  Storage  Servers,  RAID  Systems 
CD/DVD  Servers  and  Enterprise  Servers 
Excel  Meridian  Data,  Inc.  can  provide  a  reliable, 
scalable  and  powerful  storage  solution  that  can  easily 
attach,  manage  and  share  files  across  the  network  at 
an  affordable  price. 


Contact  us  to  consult,  help  and  get  the  best  storage  solution 

888-286-6091 

'  sales@excelmeridian.com 

www.excelmeridian.com/n 


NetWorksA-OK 


APPLIANCE 
for  DEVICE 
WEB,  DBf  E-MAIL 
INTRUSION  MONITORING 

interloci.com  203  622-4645 


The  Hub  of  the  Network  Buy 


For  less  than  $4K, 

The  Falcon  Set-top  Appliance 
Transforms  Your  Conference  Room. 

Video  and  data  conferencing  -  all  in  one 
For  more  information  about  Falcon,  call  1-800-418-5328 


VCON  vwvw.vcon.com 

VISUAL  COMMUNICATIONS 


ReGXP2G  Gaia  Parsing  Accelerator 

Increase  performance  ry  150X 

OVER  SOFTWARE  SOLUTIONS,  AT  HALF  THE  COST 

Raqia's  ReGXP2G  Regular  Expression  Coprocessor  accelerates  deep  packet  clas¬ 
sification  in  any  data/text  processing  system.  The  ReGXP2G  Regular  Expression 
Coprocessor  is  ideal  for  high-speed  intrusion  detection  systems,  server  load  bal¬ 
ancing,  Web-switching,  Bio-Informatics,  SANs,  firewall  load  balancing,  and  virus 
scanning. 

TUTORIAL  DESCRIPTION 

The  tutorial  offers  an  introduction  to  the  growing  use  of  regular  expressions  in  net¬ 
working  applications  including  security,  Web-switching,  data  parsing,  and  other 
classification  applications. 

The  tutorial  will  cover 
major  features  of  the 
ReGXP2G  coprocessor. 

The  tutorial  includes  lunch 
and  cocktail  reception. 


For  more  information  on  Raqia,  the  tutorial,  and  registration,  visit  our  web  site. 


raqia 


networks,  inc. 

Silicon  Solutions  for  Content-Based  Networks 
www.raqia.com 


Date:  10/21/02 
Time:  Noon  to  7PM 
Location:  Crowne  Plaza  Hotel, 
San  Jose,  CA 


Small  Office  Internet 
And  Intranet  Solutions 


SO&ate  xr-4330 

•  Wiring  Closet  Friendly 

•  WAN  port  load  sharing 

•  Public  Server  Connection 

•  Firewall 


VPN  termination 
Broadband  IP  Sharing 
24  ports  10/10CMbps  Ethern  t 
3  x  1 OOOM  Ethernet  poits 


XlMSJS 

87  7-XtERASYS  or 
(877)983-7279 
vrwwXterasys.com 


Microphone 
for  Sound 
Monitoring 


Internal 

UPS 


Power 

Control 

Interface 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Tower, 
Smoke/fire) 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Phonetics,  Inc. 

Tel:  877-373-2700 

901  Tryens  Road 

www.ims-4000.com 

Aston,  PA  19014 

Instantly  Search  Gigabytes  of  Text 


dtSearch* 


The  Smart  Choice  for 
Text  Retrieval ®  since  1991 


"Superb  ...  a  multitude  of  high-end  features"  —  PC  Magazine 

"A  powerful  text  mining  engine  ...  effective  because  of 
the  level  of  intelligence  rt  displays"  —  PC  At 

"Very  powerful  ...  a  staggering  number  of  ways 
to  search"  —  Windows  Magazine 

"Impressive"  —  PC  Magazine  Online 

"A  tremendously  powerful  and  capable 
text  search  engine" —  Visual  Developer 

"Intuitive  and  austere  ...  a 
superb  search  tool"  —  PC  World 


Fast,  precision  searching 

♦  over  two  dozen  text  search 
options 

♦  indexed,  unindexed,  fielded 
and  full-text  searching 

Organization-wide  reach 

♦  highlights  hits  in  HTML  and  PDF 
while  keeping  embedded  links 
and  images  intact 

♦  converts  other  file  types  —  word 
processor,  database,  spreadsheet, 
email,  ZIP,  XML,  Unicode,  etc.  — 
to  HTML  for  display  with 
highlighted  hits 

1800-IT-FINDS 
www.  dtsearch.  com 

sales@dtsearch.com 


Search  the  many 
forms  of  data  that 
exist  across  a  large 
enterprise  network 

♦  from  $800 


Publish  a  searchable 
database  to  CD,  DVD 

♦  from  $2,500 


1  ISr-'-Tsd 

Text  Retrieval 
Engine 


Add  power 
searching  to 
a  product 

♦  extensive 
sample  source 
code  in  multiple 
programming 
languages 

♦  from  5999 


Web 


Add  instant 
searching  to  your 
site  ♦  5999  per  server 


Stop  by  www.dtsearch.com 
for  30-day  evaluation  versions 


Measurement 


Providing  clear,  uninterrupted  voice  is  critical,  irrespective  of  what  type  of 
network  is  carrying  the  voice.  GL's  Voice  Quality  Testing  (VQT)  Software, 
accessed  through  an  easy  to  use  GUI  interface,  provides  the  voice  quality 
measurement  and  analysis  tools  necessary  for  today's  voice  networks. 
Typical  network  applications  include  VoIP.  PSTN.  ATM.  Frame  Relay, 
and  Wireless  Networks. 

j.’V  *  ■  0  „  . 

v  Ose  the  Most  Widely  Accepted  Algorithms  for  Voice  Quality 
\  Testing  -  PAMS  {P.800).  PSQM  (P.861).  &  PESQ  (P.862) 

•  Mandat  or  Automatic  GUI  Operation 

•  Assess  the  Effects  of  Noise,  Delay,  and  Echo  in  Networks 

•  Measure  the  Effects  of  Packet  Jitter  in  VoIP  Networks 

•  Analyze  the  Effects  of  Codec  Compression  in  Wireless  Networks 

Visit  our  website  to  learn  more  about  GL's  T 1/E1/T3  Analysis,  Digital  CO 
Simulation,  and  Analog  &  Wireless  Voice  Quality  Testing  Solutions. 

^GL  Cnmmimtc  at  ions  Inc. 

* • ....  Phone:  301-670-4784  •  Fax:  301-670-9187 
•*r*.  >  E-Mail:  mfo@gl.com  •  Web:  www.gl.com/vqt 


GL's  DCOSS 


GL  S  T  1/E  1  Analyst*  Card 


GL 


DCOSS 


GL's 


T1/E1 


Analysis 


Card 


NetSmart  Learning  Partner 


The  Hub  of  the  Network  Buy 


.  ■ 


I 

OptimumDatalnc. 


toll  free  800  879  8795 
ph:  +  1  402  575  3000 
fax:  +1  402  575  2011 


wwv.optimumdata.com 


1 20  Day  Warranty 

Paradyne  •  ADTRAN  •  ExtremI  Networks 


"iruMi 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Lea tlier  goods.  Gifts 
Pens.  Ckxks.  Lighters.  Games 

www.suitcase.com 


Cuti  Srmn 
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Dont  want  used?  Try  our  low  prices  on  new!  Call  Today! 

Call  for  Free  Quote! 

fifl  888-8LANWAN 

(888-852-6926) 


National  LAN  Exchange  •  WWW.nle.com 


NORTEL  NETWORKS 


Bay  Networks 


■L  ■■■ 
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Why  Are  We  The  Best? 


•  Nortel  Service  Contracts 

•  Nortel  Service  Renewals 


Free  Technical  Support 
Next-Day  Hardware 
Replacement 


Good  As  New  Gear, 

Same  as  New  Warranty 
-  at  Better  Than  New  Prices 


Refurbished  Specials: 

ASN/2-32mb  Refurbished  Advanced  Stack  Node  Bundle 

Includes  Af0002E13-32tnb  Redundant  Base  Unit 

1  x  34000  Dual  Ethernet  lx  AF2111005  Quad  Sync 

lx  AA00II0O4  Fast  Packet  Cache,  lx  AF2I04013  128  bit  Compcession  Module 

Special  $2,995 

BayStack  350T-HD  (AL2012E10)  24  Port  10/100  switch 

Refurbished  Grades  may  vary.  "A"  Grade  sale  price  $350.00 

One  Year  Warranty 

As  Low  As  $150 

BayStack  450-24T  (AL2012E14)  24  Port  10/100  Stackable 

Special  $895 

Backbone  Router  Special-AC  I00400S 

Refurb  kit  indudes  Dual  I00BT  with  the  Fast  ERE2-06064mb 

Special  $3,249 

Systems/Features/Memory 

CISCO 

EQUIPMENT 

Also  Available:  wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

In  Stock  •  Fist  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  HI  Network  Remarketer 

952*835*5502 

Fax  952*8S5*1927  E-Mail:sales@comstarinc.eom 


View  Cart  ff  Clear  Cart 


FACTORY  DIRECT 
FIBER  OPTIC  PRODUCTS 


Jumpers,  Pigtails,  Termination  Boxes, 
Preconnectorized  Backbone  Cable, 
Mode  Conditioning  Cables, 
Ethernet  Converters  and  Switches, 
CAT5  Products,  Photonic  Devices 

wwH.fiberdyne.com 

/Ifiberdyne  LABS,  INC. 

l-(800)  894-9694 
(315)  895-8470 
Fax  (315)  895-8436 


800.451.3407 


90  Castilian  Drive.  Suite  110,  Santa  Barbara.  CA  931 1 7 


Switches 
Interface  Modules 
Access  Servers 
Accessories 


'  *  '•-Hi  *Y-  G ,  ,  "•  i 

www.nGtworkhardware.com  — 


.‘T* J:? 

BUY  ONLINE 


NETWORK  HARDWARE  RESALE 


Buy,  Sell  or  Announce 

Network  Products 
and  Services  with 
Network  World's  Marketplace 
Call  800-622-1108  ext.  6507 


FIBER  OPTIC 
SOLUTIONS 


•  T1/E1  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS/400  Twinax,  and 
RS/6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO  -  9001 


a.r. 


Toll  Free  866-SITech-1 
630-761-3640,  fax  630-761-3644 

www.sitech-bitdriver.com 


NEW-USED 

Advertise  in  the 
Marketplace  and  watch 

WE  BUY-WE  SELL 

yout  sales  come 
pouring  in! 

1  caaeTRon 

32H  — SYSTems  — W- 

<#jV 

LEGACY/DISCONTINUED 
PRODUCTS  SPECIALISTS 

OUR  20TH  YEAR! 

Wi?*sf  W 

ERGONOMIC  ENTERPRISES,  Inc 

/C\  "  ^  vO 

47  WERMAN  CT. 

PLAINVIEW  NY  11803 

1 -877-4LAN-WAN  (452-6926) 

Int'l:  001-516-293-5200 

Call  Direct  Response 

fx  516-293-5325 

Advertising 

www.4lanwan.com 

1-800-622-1108 

rich@4lanwan.com 

10/100  Ethernet  LAN  Tester 


(FREE  Palm  mlOS 
included) 


Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  & 
network  equipment 


*  Displays  network  utilization,  packets 
&  statistics 


►  Captures  &  generates  various  error 
packets 


►  Network  load  testing  function 

►  Full  auto  negotiation  &  DHCP  ready 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


ecure  Your  Future. 


a 
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IT  CAREERS 


© 


careers 


Systems  Administrator  II,  Senior 
Standard  &  Poor's  is  seeking 
resumes  tor  the  position  of 
Senor  Systems  Administrator  II 
to  work  in  Englewood.  CO.  This 
position  acts  as  a  technical  advi¬ 
sor  in  the  administration  of 
an  enterprise  production  UNIX 
environment  consisting  of  net¬ 
worked  servers  and  workstations. 
Is  responsible  for  hardware,  soft¬ 
ware.  operating  systems,  config¬ 
uration  planning,  installation, 
maintenance,  technical  support, 
capacity  and  performance  moni- 
tonng,  disk  optimization,  file  sys¬ 
tem  integrity;  system  tuning,  and 
troubleshooting.  Designs  sys¬ 
tems  and  oversees  installation  of 
hardware  and  software.  Provides 
technical  support  to  staff.  Man¬ 
ages  system  security  and  system 
resources.  Conducts  evaluations 
and  recommends  software  and 
hardware  products.  Ensures  cre¬ 
ation  and  implementation  of  sys¬ 
tem  backup  and  recovery.  De¬ 
signs,  programs,  and  implements 
system  utilities  and  scripts.  Es¬ 
tablishes  and  enforces  stan¬ 
dards.  Serves  as  project  manag¬ 
er.  Approves  decisions,  delegates 
responsibilities,  assigns  tasks, 
and  supervises  other  system  ad¬ 
ministrators  and  technical  sup¬ 
port  personnel. 

Minimum  requirements:  bache¬ 
lors  degree  in  computer  science, 
information  systems,  engineer¬ 
ing,  or  related  field,  including  eco¬ 
nomics;  three  years  of  experi¬ 
ence  in  systems  administration; 
and  comprehensive  working 
knowledge  of  UNIX  Solaris  oper¬ 
ating  system,  a  wide  variety  of 
third-party  tools,  communication 
protocols,  and  a  broad  knowl¬ 
edge  of  computer  systems  hard¬ 
ware,  software,  operating  sys¬ 
tems,  and  utilities. 

Please  send  resumes  by  mail  to 
Kathy  Slabach,  Job  Reference 
No.  DW82002,  7400  S.  Alton 
Court,  Englewood,  CO  80112. 
Standard  &  Poor's  is  an  equal  op¬ 
portunity  employer 


PS  Info  Tech,  LLC,  a  Colorado 
Springs,  Colorado,  software 
development  and  consulting 
company,  seeks  applications  for 
the  position  of  Programmer/ 
Analyst.  Engage  in  full-life  cycle 
software  development  in  an  IBM 
mainframe  environment.  Use 
COBOL,  REXX,  and  C  program¬ 
ming  language,  SAS  reporting 
language,  CICS,  GUIs,  JCL,  CA- 
7  and  CSP  development  tools, 
and  other  languages  and  tools  in 
the  development  and  consulting 
process.  The  position  which  is 
located  in  Colorado  Springs, 
requires  a  bachelor's  degree  or 
foreign  equivalent  in  computer 
science,  engineering,  or  a  related 
field,  including  mechanical  engi¬ 
neering;  two  years  of  software 
development  experience  in  an 
IBM  mainframe  environment, 
and  working  knowledge  of  CSP, 
CA-7,  SAS.  and  C  programming 
language.  Please  send  resumes 
by  mail  to  PS  Info  Tech,  LLC, 
5152  Prairie  Grass  Lane, 
Colorado  Springs,  CO  80922. 


Analyst:  The  Trane  Company,  a 
manufacturing  and  sales  company 
is  seeking  a  Lead  Development 
Analyst  to  analyze  company 
financial  service  operations  and 
existing  Risk  Management  Sys¬ 
tems  in  its  La  Crosse  Wisconsin 
office.  Qualified  candidates  must 
have  a  Bachelor's  Degree  in 
Computer  Science,  at  least  5 
years  experience  as  a  Software 
/Systems  Engineer  or 
Programmer  Analyst,  extensive 
experience  with  Powerbuilder, 
Powerbuilder  Foundation  Class 
and  Power  Tool,  3  years  experi¬ 
ence  with  application  develop¬ 
ment  using  Oracle,  and  2  years 
experience  working  with  con¬ 
struction  industry  risk  manage¬ 
ment  practices.  Interested  appli¬ 
cants  should  mail  resumes  and 
salary  requirements  to  Ms 
Kathy  Reynolds,  Ret  #  ML1000 
at  3600  Pammel  Creek  Road.  1 7- 
2,  La  Crosse,  Wisconsin  54601 . 
An  equal  opportunity  employer. 


Sr.  Site  Research  Analyst  wanted 
to  research  and  develop  com¬ 
plex  world-wide  web  servers. 
Bachelor's  degree  in  Computer 
Science  and  3  years  experience 
required.  Send  resume  to  Yo- 
dlee,  Inc.,  3600  Bridge  Parkway, 
#200,  Redwood  Shores,  CA 
94065. 

SAP  H.R.  APPLICATIONS 

CONSULTANT,  8am-5pm,  Re¬ 
search,  develop  and  design 

computer  software  systems  as 

they  relate  to  HR  management 

functions  such  as  payroll,  bene¬ 
fits  and  time  management.  Re¬ 
quired:  proficiency  with  SAP  HR 

and  SAP  ABAP/4,  ASAP  Cert., 

B.S.  in  IT  or  related  field,  or 

equiv.  Cedar  Inc.,  Send  Resume: 

glenda.soderstrom@cedar.com 

or  fax:  (410)  752-2879. 

Software  Engineers  (Idaho  Falls): 
Design,  develop,  test  and  imple¬ 
ment  specialized  multi-country, 
multi-site,  ERP  and  CRM  appli¬ 
cations  in  JD  Edwards  One 
World  XE  and  related  tools, 
XML,  VB,  SQL,  and  Windows. 
MS,  ScVEngg.  and  3  yrs.  exp.  in 
job  offered  or  BS,  Sc./Engg.  and 
5  yrs.  progressive  post  bac¬ 
calaureate  exp.  reqd.  (or  foreign 
equiv.)  Prevailing  wage/benefits. 
Melaleuca,  Inc.,  Attn:  Human 
Resources,  3910  South  Yellow¬ 
stone  Highway,  Idaho  Falls, 
Idaho  83402.  No  phone  calls 
please.  EOE. 

Programmer/Analyst  (Newark, 
DE)-Analyze,  design,  program 
&  implement  advanced  comp, 
applications  for  Web  Based 
Drug  Tracking  Systems  using 
program  devplmt  tools.  Define 
req.,  test  &  implement  systems. 
Req.  Bachelors  in  Comp.  Sci„ 
Technology,  Pharmacy,  MIS, 
Statistics  or  Engg  (any  field)  plus 

1  year  exp.  in  job  offered.  Con¬ 
tact:  International  Systems  Tech¬ 
nologies  Inc.,  1812  Front  Street, 

Scotch  Plains,  NJ  07076. 

SOFTWARE  DEVELOPER  - 

LUMEDX  has  an  opportunity 

for  a  Software  Developer. 

Requires  BSCS  or  equiv. 

Send  resume  to:  employment 

@  lumedx.com.  EOE 

Manager,  Software  Developer 

sought  by  NJ  based  Securities 

Dealer.  Must  possess  Bachelor's 

degree  or  equivalent  in  Computer 

Science  or  directly  related  field 

and  5  years  exp.  in  software/sys¬ 
tems  development  and  design. 

Respond  to:  Human  Resources 

Department:  Knight  Trading 

Group,  Inc.,  525  Washington 

Blvd.,  Jersey  City,  NJ  07310. 

Venturi  seeks  Prog./Analyst 
for  Kirkland,  WA  office.  DESC: 
Prov.  comp.  sys.  consult,  to  max. 

I. S.  efficiency.  Anlyz.  bulk  data  for 
migration  into  CRM  sys.  Dsgn, 
dev,  &  impl.  RDBMS  &  web 
based  &  distrb.  tools  &  s/w  util. 
SQL,  VB,  ASP,  VBScript,  JScript, 
Win.  o/s.  Config.  &  maint.  corp. 
web  servers.  REQ:  BS  in  Engr, 
CS,  Math,  or  Physics  +  2  yrs. 
exp.  dsgn,  dev,  &  impl  RDBMS  & 
distrb.  tools  &  aps.  util.  SQL,  VB, 
ASP,  VBScript,  JScript,  Win.  o/s. 
Prem.  sal.  +  benes.  Pis.  reply  to 

J.  King,  Job#  VT-102,  11255 
Kirkland  Way,  Kirkland,  WA 
98033. 

Programmer:  Responsible  for  soft¬ 
ware  project's  requirement 
collecting  &  analysis,  preliminary 
and  detailed  design,  coding,  test¬ 
ing,  writing  documents  and  on-site 
implementation,  user  support  and 
further  improvement  in  cattle  in¬ 
dustry.  Plan,  manage  and  track  the 
schedule  of  whole  development 
cycle  and  analyze  the  feasibility  of 
project.  Provide  consultation  to 
user  and  development  staff.  Req. 
BS  or  equivalent  in  CS  or  CIS  with 
nine  months  exp.  in  job  offered  or 
programmer  analyst.  Must  be  pro¬ 
ficient  in  CIS  Management  Sys¬ 
tem,  EID  Reader,  Visual  Stu- 
dio.NET,  XML  and  RationalRose. 
$52,000.00/yr,  40/wk,  9-5.  Send 
resume  to  LOR,  Inc.  at 
wlam  @  rrrassociates.com. 

Analyst  (network  systems  & 
data  communications)  -  perform 
analysis,  design,  testing,  evalua¬ 
tion  etc.  of  LAN/WAN  &  other  sys¬ 
tems.  Research  &  recommend 
proper  hard-/software  to  users. 
Maintain,  troubleshoot  &  assist 
users  w/  programs  &  implemen¬ 
tations.  Resolve  technical  issues. 
Coordinate  overseas  offices  w/ 
user  requirements,  design,  devel¬ 
op  &  solutions.  Requires:  BS- 
Computer  Science  (  or  equiva¬ 
lency);  Microsoft  Technologies 
Certification;  2yrs  exp  in  comput¬ 
er  software  solution  develop¬ 
ment.  $36K/yr  ( 40hrs/wk).  Apply 
with  CV  to:  Sri  Vepa,  Systems 
Hardware  Inc.  661  Brea  Canyon 
Road,  Suite  5  Walnut,  CA  91789 

Programmer  Analysts  needed. 
Seeking  qualified  candidates 
possessing  BS  or  equiv.  and/or 
rel.  work  experience.  Duties 
include:  Designing  programs  to 
merge  purge  maintain  and  inte¬ 
grate  databases;  designing, 
developing  and  maintaining 
company  website;  providing 
technical  support  for  customers 
and  creating  front-end  user 
applications.  Exp.  must  include 
two  years  working  with  Visual 
Basic,  MS  Access  and  Crystal 
Reports.  Mail  res.  ref.  and  sal. 
req.  to:  DataLister  Inc.,  1 595  NW 
1st  Court,  Boca  Raton,  FL 
33432. 

where  the  best  get  better 

1-800-762-2977 


Database  Administrators  needed: 
Several  senior  level  positions 
available  for  qualified  candidates 
possessing  relevant  work  expe¬ 
rience.  Part  of  the  relevant  work 
experience  must  include  2  years 
working  with  Peach  Tree.  Duties 
include  customizing,  implementing 
and  deploying  various  software 
programs;  Setting-up,  monitoring, 
maintaining  and  troubleshooting 
databases.  Work  with  2  of  the 
following:  Peach  Tree,  Oracle, 
FoxPro  and  Windows  NT.  Mail 
resume,  references  and  salary 
requirements  to:  AMG  Stars  Inc., 
4350  S.  Halsted,  Chicago,  IL 
60609. 


Programmers,  Jr.  Programmers, 
Software  Engineers:  Design, 
develop,  test  and  implement 
specialized  applications  in  (1) 
COBOL  78  &  85,  DMSII,  Dargal, 
Bl  Source,  BLDIST,  BLSched, 
ICD,  Tads,  MS  Access,  DB2, 
Cics,  People  Tools  and  SQL;  (2) 
Oracle  8i,  MS  Access,  C,  C++, 
Java,  VB,  Arc  Info,  View,  FM, 
Maplnfo,  Dream  Viewer,  Bench¬ 
marking,  Six  Sigma  and  SQC 
Tools;  (3)  Sybase,  Java,  C++, 
COBOL,  CORBA,  Visibroker, 
MQ  Series,  Rational  Rose,  BEA 
Weblogic,  and  IBM  Websphere. 
Prevailing  wage/benefits.  Send 
resume  to  Attn:  Raja  Narreddy, 
Quantum  Infotech,  Inc.,  30600 
Telegraph  Road,  Ste  2220,  Bing¬ 
ham  Farms,  Ml  48025.  EOE. 


Need  Programmer  Analysts,  Sr. 
Programmer  Analysts,  Software 
engineers,  DBAs,  Tech  Market 
Analysts,  Budget  Analysts,  QA 
Analysts.  Experience  sought  in 
SAP,  VB,  Java,  ASP,  Database 
Administration,  Peoplesoft,  Oracle, 
QA  tools  and  Technical  writing. 
Requirements  and  Salary  vary 
depending  upon  position:  All 
positions  require  a  minimum  of 
a  Bachelor’s  degree  and  experi¬ 
ence.  Must  be  willing  to  travel/ 
relocate  if  necessary.  We  offer 
salary  commensurate  with  skills 
and  a  desirable  employee  bene¬ 
fits  package.  Please  submit  a 
letter  of  interest  and  resume  to: 
resumes  ®  svncrotechnoloaies. 

com.  Syncro  Technologies,  Inc. 


SOFTWARE  ENGINEER:  An 
Internet  Solutions  Developer  for 
Global  Capital  Markets  is  seeking 
a  Software  Developer  who  will 
design,  develop  &  maintain  large 
scale  web-based  financial  IS 
for  ASP/Service  Bureau  deploy¬ 
ment.  Req'd:  BS  degree  in 
CompSci  or  related.  Min  2  yrs 
exp  in  the  job  or  as  JAVA  Pro¬ 
grammer/Developer.  Must  have 
delivered  &  supported  multi¬ 
tiered  real-time  web-based  client 
server  application  serving  the 
financial  services  industry  in 
an  ASP  environment.  Must  have 
exp  w/JAVA,  J2EE,  C++,  XML, 
Oracle  RDBMS  &  WinNT  tech¬ 
nologies.  Send  resume  to:  HR, 
CrossBorder  Exchange  Corp., 
1410  Broadway,  #2700,  NY 
NY  10018.  REF#BM0023.  PLS 
INDICATE  REF#. 


Software  Engineer.  Design/ 
implement  healthcare  apps  in 
the  development  of  Disease 
management  systems  using  VB, 
ASP,  VBScript,  ADO,  XML, 
COM+,  HTML,  IIS,  SQL  Server 
7.0/2000,  Visual  Interdev  6, 
Visual  Source  Safe  Windows 
2000.  Prevailing  wage/benefits. 
Send  resume  to  Attn:  Marty 
LeMasuvier,  Matria  Healthcare 
Inc.,  1850  Parkway  Place,  12th 
Floor,  Marietta,  GA  30067. 


Software  Engineer  to  analyze, 
develop,  test,  implement  &  main¬ 
tain  customized  B2B.  B2E.  B2C 
applications  in  a  client/server 
environment  in  different  plat¬ 
forms  (Unix  and  Windows  NT)  & 
databases.  Use  Web  Services, 
SOAP,  XML,  JSP,  Custom  Tags. 
&  Java  Servlet  according  to 
J2EE  spec  and  C++  implement¬ 
ing  object  oriented  artifacts  & 
design  patterns  to  perform  duties. 
Must  have  MS  in  Computer 
Science  plus  three  years  of 
experience  in  similar  duties. 
Send  resume/cover  letter  to: 
Adel  Santos,  DeepBridge  Content 
Solutions,  61  Broadway,  Suite 
800,  New  York,  NY  10006. 


Software  Design  Engineer  for 
Miami  to  design  and  develop  a 
web  based  Customer  Relation 
Management  (CRM)  and  financial 
analysis  software  localized  in 
Dutch  and  Afrikaans.  Full  time 
position  M-F  offers  good  salary. 
Applicants  with  5  years  related 
experience  and  working  knowl¬ 
edge  of  Microsoft  Visual  Basic 
6,  Visual  C++,  Active  Server 
Pages,  DHTML  and  Java  Script, 
send  resumes  only  to  Mario 
Cabrera,  Human  Resources, 
SunGard  Insurance  Systems 
2000  S.  Dixie  Hwy.,  Miami,  FL 
33133. 


Manager,  3D  Appl.  Rsrch  Group, 
wanted  for  mfgr  of  computer 
components.  Req.  B.S.  in  E.E. 
or  related  scientific  discipline 
plus  8  yrs.  tech,  devlpmt/mgmt 
exp.  in  comp,  graphics  industry. 
Reply  to  K.B.,  H.R.  Dept.,  ATI 
Research,  Inc.  62  Forest  St., 
Marlboro  MA01752. 


Forum  Systems  currently  has 
opportunities  in  Sandy,  UT  for 
the  following  positions 

‘Software  Engineers 
(Consultants)* 

‘Must  be  available  to  travel  to 
various  and  unanticipated 
worksites  throughout  the  U.S. 

Positions  require  Bachelor's  in  CS, 
Engineering,  or  related  field  and 
3  years  of  software  engineering 
experience.  Experience  must 
include:  1)  XML,  2)  TCP/IP,  3) 
Linux  and  4)  Java 

For  consideration  forward  your 
resume  to: 

Zak  Farrington 
Forum  Systems 
45  West  10000  South 
Ste.  415 

Sandy,  UT  84070 
(No  phone  calls) 
www.forumsys.com 


Dir  of  Development  to  provide 
tech  leadership  to  analyze, 
design,  implement  appls  using 
Delphi,  Java,  VB,  ERWin  on 
Windows;  manage  databases 
using  Oracle.  D2K,  MS  Access, 
SQL;  interact  with  users  to  gather 
reqs;  review  project  requests 
and  prioritize;  assign,  direct, 
manage  development  team; 
plan/execute  QC  policies.  Req: 
MS  in  CS  /  Engg.  (any  branch) 
with  3  yrs  exp  in  job  offered  or 
BS  or  foreign  equiv  in  any 
of  above  &  5  yrs  of  relevant 
progressive  exp.  High  salary.  F/T. 
Resume  to  HR,  Get  Proof,  Inc., 
3050,  Royal  Blvd  South.,  Ste 
195,  Alpharetta,  GA  30022 


MILLIONS  OF 
READERS 

MILLIONS  OF 
SURFERS 


ONLY 
THOUSANDS 
OF  DOLLARS 

TOTAL  IMPACT 
TOTAL 
SAVINGS 

Put  your  message  in 
IT  careers  and 
ITcareers.com  and 
reach  the  world’s 
best  IT  talent. 


ITcareers 

whf  ttw  1 mt  |vt  httv 
1-4BO-7B2-2977 

IT  careers.com 


Become  a  IHicrosoft  Windows  2000  Security  Expert. 

It’s  easy.  Just  point,  click  and  choose  the  format  that  works  best  for  you: 
•CD-R0fH  •Uleb-Based  *Hands-0n  •Uirtual  Classroom 

Uisit  lletSmart  today  at  www.nwnetsmart.com 
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You  can 
find  a 
better 

JOB 

with  one 
hand  tied 
behind 
your  back. 


Just  point  your 
mouse  to  the 
world’s  best 
IT  careers  site. 

Brought  to 
you  by 

Computerworld, 
Info  World  and 
Network  World. 

Find  out  more. 

Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley, 
1-800-762-2977 


careers.com 


Where  the  best 
get  better 


PeopleSoft  Applications  Analyst 
wanted  by  Multi-Nafl  Mktg  Com¬ 
munications  Co  in  Manh.  Pro¬ 
vide  PeopleSoft  tech  support; 
write  specs;  modify  existing  appls 
&  reports;  implement  upgrades. 
Bach  in  Comp  Sci  &  2yrs  exp  in 
job  offered  req.  Respond  to: 
JK/HR  Dept,  PO  Bx  4241 ,  GCS, 
NY  10163. 

Inertial  Sys  co  sks  Microcntrler 
SA N  Engineer.  Dvlp  Microcntrler 
S/W  using  debugger  for  serial 
comm,  of  inertial/rate  devices  w/ 
C,  C++,  C#  &  rate  table.  Req: 
2  yrs  exp  &  BS  in  CS/EE  Res: 
Inertial  Science  3533  Old  Conejo 
Rd  #  104,  Newbury  Park,  CA 
91320 

DATABASE  ADMINISTRATOR. 
Bachelor's  degree  or  foreign  de¬ 
gree  equivalent  in  Computer  Sci¬ 
ence,  Computer  Engineering,  or 
a  closely  related  field  required. 
Must  hold  three  years  experi¬ 
ence  in  database  administration 
using  Oracle  and  Oracle 
DRUMS  in  programming.  Work 
hours:  8  am  to  5  pm,  M-F.  Send 
resume  to  Natalyn-America's 
Collectible  Network.  Inc.,  10001 
Kingston  Pike,  Suite  57, 
Knoxville,  TN  37922;  Attn:  Job 
Code  DAB. 


Computer  Professionals  w/exp 
in  DELPHI,  Sybase.  SQL,  JAVA, 
Star/Team,  ERWin,  Dataflex,  MS 
SQL  Server,  ORACLE,  UNIX, 
LINUX,  HTML,  XML,  Windows 
97NT/2000.  Apply  to  Triple  Point 
Technology,  Inc.,  301  Riverside 
Avenue,  Westport,  CT  06880. 


Comp.  Oracle  Administrator 
Euro  Solutions  Group  dba  e: 
Solutions  Group  seeks  an  Oracle 
Application  Database  Adminis¬ 
trator  in  our  New  York,  NY  loc. 
Position  involves  all  DBA  activities 
including  system  development 
life  cycle,  data  analysis,  system 
design  and  dev't,  testing  +  im¬ 
plementation.  Support  global 
databases  on-site  +  remotely. 
Liaise  with  international  clients. 
Must  have  a  B.S.  in  Comp. 
Sci.  or  related  field  and  3  yrs  of 
relevant  exp.  Applicants  send 
r6sumb  to  evolutions  Group, 
H.R.  Dept,  420  Madison  Ave., 
#1101,  New  York  NY  10017. 


Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley. 

1-800-762-2977 


Principle  Software  Engineer:  A 
supplier  of  world  class  circuits  to 
world-known  PC  manufacturers 
is  seeking  a  Principle  Software 
Engineer  who  will  act  as  project 
leader  and  guide  junior  engi¬ 
neers  in  developing  drivers 
under  Win  98/me/2000  that  will 
handle  PnP  messages  and  pass 
the  WHQL  tests.  Req'd:  B.S. 
degree  in  Engineering.  Computer 
Science,  Information  Systems  or 
related  with  5  yrs  exp  in  the 
job  offered  or  as  Application 
Software  Developer.  Exp  w/USB 
driver  development  &  kernel-level 
debugging.  Exp  w/Win  OS  archi¬ 
tecture,  MS  SQL  Server  6.5, 
Visual  BASIC  &  C/C++.  Standard 
Microsystems  Corp.,  11000  N. 
Mopac  Expressway,  Stonelake 
Bldg.  6,  Austin,  TX  78759;  Attn: 
Rick  Karl. 


Software  Engineer  wanted  to 
perform  data  storage  software 
design,  development,  and  main¬ 
tenance,  system  documentation 
and  related  duties.  MS  in  Com¬ 
puter  Science  and  2  yrs  related 
experience  required.  Send 
resume  to  Data  Reliability  Inc. 
3895  Metro  Drive,  Jackson,  MS 
39209. 


Support  Analyst,  Information 
Technology  Company  -  Provide 
technical  support  to  clients  for 
company’s  proprietary  software 
applications;  maintain  customer 
support  database;  test  new 
products.  B.S.  in  Computer 
Sciences  or  related  field.  Salary 
commensurate  with  exp.  40 
hrs/wk,  8  AM  -  5  PM,  M-F.  Mail 
resume  to:  Info  Tech,  Inc.,  5700 
SW  34th  Street,  Gainesville.  FL 
32608. 


Prog/Analysts  to  analyze,  design 
/develop  appls  using  Java, 
HTML,  Javascript,  UML,  XML, 
Oracle,  Dev  2000,  Designer 
2000,  Rational  Rose,  under 
Windows,  Unix  and  Solaris  envi¬ 
ronments;  perform  business 
collaboration,  process/data 
modeling  using  SDLC/OOPS. 
BS  or  foreign  equiv  &  2  yrs  exp 
in  IT.  High  salaries,  F/T.  Travel 
involved.  Resumes  to  Bahwan 
Cybertek  Technologies,  Inc.  209 
West  Central  Street,  Suite  312, 
Natick,  MA  01760. 


Programmer  Analysts  needed. 
Seeking  qualified  candidates 
possessing  2  yrs  of  college  or 
equiv.  and  2  years  work  exp. 
using  Progress  Database,  Unix 
and  EDI  procedures.  Duties 
include:  Design,  study,  code  and 
test  software  systems  and  pro¬ 
grams.  Write  programs,  interfaces, 
and  EDI  procedures.  Work  with 
Unix,  VB,  Symix,  and  Autocad. 
EOE.  Mail  res.,  ref.  and  Sal.  Req. 
to  Attn:  Human  Resources,  C. 
Lee  Cook,  A  Dover  Resource 
Company,  916  S.  8th  Street, 
Louisville,  KY  40203. 


Infowave  Systems,  Inc,  an  IT 
consulting  firm  in  Wilmington, 
Delaware  is  seeking  individuals 
for  the  following  positions  to  work 
at  client  sites  throughout  the  US: 

Programmer  Analyst-  requires  2 
yrs  exp  in  software  development 
and  B.S.  in  Computer  Science 
or  related  field.  Must  have  exp 
using  Oracle  RDBMS,  PL/SQL, 
Forms.  Reports,  Database  tuning, 
Oracle  Application  Modules, 
Shell  Scripts  on  Unix  and  Win¬ 
dows. 

System  Analyst-  requires  2  yrs 
exp  in  Software  Systems  Analysis 
and  Architecture  with  B.S.  in 
Computer  Science  or  related 
field.  Must  have  exp  using  Ratio- 
nalRose,  UML,  and  Used  Cases. 
Programming  experience  in 
Internet  Technologies  on  NT  and 
UNIX. 

Programmer  Analyst  (SAP  and 
Internet):  2  yrs  exp  in  imple¬ 
menting  web  enabled  modules, 
particularly  SD/MM,  utilizing 
SAP  SD/MM  Ver.  4.0  above, 
CRM,  HTML.  JavaScript,  PERL, 
ARIS,  MS  Project  and  RDBMS 
and  B.S  Computer  Science  or 
related  field. 

Apply  to:  Infowave  Systems, 
1701  Shallcross  Avenue,  Suite 
B-6,  Wilmington,  DE  19806. 


Marketing  Director  for  computer 
printer  technologies  company 
located  in  Chantilly,  Virginia. 
Minimum  two  years  experience 
directing  the  marketing  activities 
of  a  computer  printer  technologies 
company,  including  researching 
and  identifying  new  technical 
requirements  and  specifications 
for  products,  communicating 
strategic  and  tactical  product 
requirements  to  engineering, 
working  with  engineering  to 
develop  new  product  features, 
researching  potential  target 
markets  for  products,  developing 
pricing  strategies  to  maximize 
market  share,  directing  and 
administering  company  market¬ 
ing  program,  and  directing  and 
managing  the  creation  of  new 
product  collateral.  The  position 
is  located  in  Chantilly,  Virginia 
with  25%  domestic/international 
travel.  Send  resume  to  Human 
Resources,  Genicom,  LLC,  1 
Solutions  Way,  Waynesboro, 
Virginia  22980. 


Senior  Systems  Consultant  - 
recommend  systems  solutions  & 
implementation;  develop,  track  & 
manage  project  plans;  perform 
functional  consultation  for  cus¬ 
tomers  &  clients;  prepare  complex 
recommendations  &  proposals; 
analyze,  design,  develop,  code, 
test  &  implement  systems  software 
utilizing  knowledge  of  &  exp.  w/ 
Vantive,  Oracle  7.X/8.X,  PL/SQL, 
VBScript,  Unix  Shell  Scripting, 
Developer  2000  &  HP-UX;  tune 
&  troubleshoot  current  technical 
applications  &  systems  software; 
lead  teams  of  systems  consul¬ 
tants,  analysts  &  programmers; 
Requires  BS  (or  MS)  in  computer 
science,  information  systems  or 
engineering,  plus  6  YR  related 
exp.  (4  YR  exp.  with  MS).  Please 
apply  online  at  http://www. 
bellhoweli.com/mmt/careers 

/1530.shtml  or  email  to  resume 
durham@bellhQwell.com. 

Please  reference  Requisition 
#100V 


Software  Engineer  -  Williamsport, 
PA.  Experience  in  design  and 
development  of  applications 
using  SAP  ABAP/4,  Oracle,  Visual 
Basic,  C++  and  Unix.  Relocation 
within  USA  Possible.  Attractive 
compensation  package.  Send 
resume  to  Supriya  Palayekar, 
Palayekar  Companies,  Inc., 
1959  East  Third  Street, 
Williamsport,  PA  1 7701 . 


Radiant  Systems,  Inc.  a  Nation¬ 
wide  Technology  provider  located 
in  NJ,  CT,  TX  &  FL  req  Computer 
Professionals  with  Hardware 
and/or  Software  skills  including: 
C,  C++,  Java.  Java  Scripts,  Perl, 
HTML.  SQL,  Pro'C,  Visual  Basic. 
Visual  C++.  Gupta-SQL,  Power- 
builder  Crystal  Reports,  MFC, 
Windows  SDK,  Oracle,  Informix, 
Sybase,  Developer  2000,  Lotus 
Notes,  Lotus  Script,  Unix,  Win¬ 
dows  NT,  Windows  97,  Real 
Time  Embedded  System  HP- 
Unix,  Admins,  Sun  OS,  Help 
Desk/PC-Support,  SAP.  R/2- 
R-3,  ABAP/4,  SAP  Scripts,  JD 
EDWARDS.  PL/5,  PEOPLESOFT. 
COBOL/  CICS/DBS,  IDMS, 
AS/400.  MVS.  RPG/  400  Win 
Runner.  Load  Runner,  MS-  Test, 
SQA  Suite,  SNMP,  RTOS,  COR- 
BA,  ASP,  Active-X,  DTM/TDMA, 
FDMA,  Routers,  ATM  Switch, 
DSP/  ATM,  FRAME  RELAY, 
TCP/IP,  ISDN,  COM,  DCOM, 
ASP,  SAS,  DSOS,  VS  WORK, 
Assembly  Acics,  Designer,  Hard¬ 
ware  Architecture,  VHDL, 
SONET/SDH,  SNMP,  HP  Open- 
view,  Map  Info/Arc  Info  Project 
Managers,  Technical  Writers. 
Candidates  w/a  BS  (or  equiv)  & 
2  yrs  exp.  as  Programmer  Analyst 
and/or  MS  (or  equiv)  &  1  yr  exp. 
as  Software  Engineer. 

Excellent  Benefits 

Apply  to:  E-Mail:  RADIANTS 

@  RADIANTS.COM 

Attn:  Human  Res.  Dept.,  107  a 

Corporate  Blvd,  S.  Plainfield,  NJ 

07080. 


Unix  System  Administrator  for 
many  flavors  of  Unix  incl.  Compaq 
Tru64  Unix,  Sun/Solaris  &  Linux. 
Maintain  h/ware  reqd  for  all  flavors 
of  Unix  servers  &  workstations. 
Provide  &  maintain  developmen¬ 
tal  &  teaching  tools  &  utilities 
needed  to  support  academic  com¬ 
puting.  Maintain  Directory,  Email 
&  Web  svcs  needed  for  admin 
computing.  Other  responsibilities 
incl:  s/ware  installation/upgrades, 
documentation  dvlpmt,  perfor¬ 
mance  tuning,  backup  &  recovery, 
troubleshooting  &  consulting 
w/vendors  &  developers,  capaci¬ 
ty  planning,  configuration  mgmt, 
user  support.  Will  work  closely 
w/n/work  administrators, 

Helpdesk  staff  &  campus  facul¬ 
ty/staff.  Responsible  for  day-to- 
day  maintenance  &  backup  of  all 
systems  &  applies.  Coord  student 
technicians  in  processing  of  new 
accts  &  user  system  access/se¬ 
curity.  Reqs  demonstrated  ability 
to  manage  file  system  &  support 
educational  community.  Bach  in 
Comp  Sci  &  2  yrs  exp  specific  to 
position  reqd.  Must  be  well  versed 
in  Unix  shell  scripting,  C/C++, 
Perl,  TCP/IP  &  client/server, 
N/work  Svcs:  DHCP,  DNS,  Send- 
mail,  NFS,  NIS,  Radius,  FTP,  Web 
&  MS  Office.  Knowl  of  WinNT  &/or 
VAX  VMS,  LDAP  (Oracle,  Cisco 
routers)  a+.  Qualified  persons 
should  send  Itr  of  application,  cur¬ 
rent  vita  &  3  refs  to  Diana  Catley, 
HR  Dept,  Ref#867,  Ramapo  Col¬ 
lege  of  NJ,  505  Ramapo  Valley 
Rd,  Mahwah,  NJ  07430-1680  or 
email:  dcatley@ramapo.edu 


HRMS  Customization  Software 
Engineer-  Cordova.  Tennessee 
Part  of  a  team  responsible  for  the 
analysis,  design  &  customization 
/modification  of  PeopleSoft  HRMS 
system  in  an  Oracle  &  UNIX 
environment.  Will  utilize  People- 
Soft  version  8  technologies  in¬ 
cluding  PeopleTools,  Application 
Engine  &  SQR  to  customize  &/ or 
write  batch  processes.  Must 
have  a  BS  degree  or  equivalent 
with  major  field  of  study  in  Comp. 
Sci,  Engineering  or  related  field. 
Must  have  3  yrs  of  exp.  in  the  job 
offered  or  3  yrs  of  exp.  in  a  posi¬ 
tion  involving  PeopleSoft  HRMS 
customization/modification  in  an 
Oracle  &  Unix  environment.  Exp. 
mentioned  may  have  been 
obtained  concurrently  &  must 
include  2  yrs  of  exp.  working  with 
PeopleSoft  version  8,  including  1 
year  of  exp.  each  in  PeopleTools, 
Application  Engine  &  SQR.  Must 
have  legal  authority  to  work 
in  U.S.  Please  send  resume  to 
S.  Muhammad,  Union  Planter's 
Corporation,  7130  Goodlett 
Farms  Parkway,  Cordova,  TN 
38018. 


Senior  Software  Engineer  - 
analyze,  design,  develop,  test  & 
implement  eGovernment  appli¬ 
cations/products  using  knowl¬ 
edge  of  &  exp.  w/  RDBMS  (Oracie. 
MS  SQL  Server),  Unix  Shell 
Script,  Unix  Utilities  (lex,  yacc, 
awk),  Java,  JavaScripts.  Java 
Swing,  JDBC,  Pro'C,  C++.  C, 
Unix  (Sun  Solaris)  &  Windows 
2000/NT;  manage  on-site  & 
remote  development  teams. 
Requires.  Web  &  Application 
server  use  &  maintenance  exp.; 
BS  (or  MS)  in  computer  science 
or  information  systems  +  7  YR 
related  exp.  (5  YR  w/  MS);  atleast 
2  YR  exp.  in  eGovernment 
applications.  Interested  candidates 
e:mail  resumes  to  krcehling 
©niousa.com. 


Software  Engineer  Needed  to 
develop  middle-ware  components 
for  real-time  management  and 
testing  of  various  network  de¬ 
vices  utilizing  a  common  platform 
to  manage  CDMA,  TDMA,  GSM 
and  other  environments.  MS 
in  C.  Science  or  related  field  & 
programming  experience  in 
Java,  XML,  CORBA,  Visibroker 
required.  Send  resumes/salary 
history  to:Alexander  Gavrilov, 
SoftTrend,  lnc„  6160  N.  Cicero, 
Suite  124,  Chicago,  IL  60646. 


Principal  Software  Engineer  will 
design,  develop  and  maintain 
software  using  COM/DCOM  on 
NT/2000  platform  for  middle-tier 
of  a  3-tier  architecture  for  Com¬ 
pany's  Fixed  Income  division. 
Will  deploy  and  administer  com¬ 
ponents,  written  with  programming 
languages  (Java,  C++,  Visual 
C++,  Visual  Basic,  C#),  under 
application  servers:  MTS  and 
COM+.  Will  use  JDBC/OLEDB 
for  accessing  data  from  data¬ 
base  (Sybase  and  AS400).  Will 
also  write  ASP  pages  using 
VB  Script  and  Java  Script  and 
deploy  them  under  IIS.  Requires 
Bachelor's  or  equivalent  in  Com¬ 
puter  Science,  Engineering, 
Mathematics,  Business,  Statistics, 
or  Physics,  plus  five  (5)  years 
experience  in  Job  Offered  OR 
five  (5)  years  experience  in  3- 
tier  client/server  architecture 
OR  Master's  or  equivalent  in 
Computer  Science,  Engineering, 
Mathematics,  Business,  Statistics, 
or  Physics,  plus  three  (3)  years 
experience  in  Job  Offered  OR 
three  (3)  years  experience  in  3- 
tier  client/server  architecture. 
Candidate  must  also  possess 
demonstrated  expertise  devel¬ 
oping  and  deploying  Middleware 
using  COM,  DCOM,  MTS,  and 
COM+;  demonstrated  expertise 
programming  in  Java,  C++,  and 
Visual  Basic;  and  demonstrated 
expertise  programming  Sybase 
connectivity.  Salary:  $75,700/ 
yr,  M-F,  9AM-5PM.  Send  2 
resumes  to  Case  #2002-402, 
PO.  Box  989,  Concord,  NH 
03302-0989.  EOE.  Applicants 
must  be  U.S.  workers  eligible  to 
accept  full-time  employment  in 
U.S. 


COMFORCE  Information  Tech¬ 
nologies,  a  leading  technical 
staffing  company  currently  seeks 
applicants  for  the  following  posi¬ 
tions  in  its  Duluth  offices:  Senior 
Systems  Analyst.  Applicants 
for  this  position  must  have  a 
bachelor's  in  computer  science, 
engineering,  or  related  field  plus 
five  years  of  experience  In  pro¬ 
gramming  and  coding  with 
PL/SQL  and  SQL  Server  to 
include  three  years  experience 
programming  and  coding  with 
HTML,  Java  and  JavaScripts. 
For  consideration,  please  forward 
your  resume  and  letter  of  Interest 
by  mail  to:  COMFORCE  Infor¬ 
mation  Technologies.  Resource 
Manager.  6470  East  Johns 
Crossing.  Suite  170.  Duluth.  GA 
30097.  Do  not  email  resumes. 
EOE 
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IT  CAREERS 


experience 

•  managing  network  operations  team 
\  •  resolving  UNIX  problems 
\  •  working  lots  of  overtime  with  little  reward 


ready  to  experience 

\»  variety  of  leadership  opportunities  in  IT 
N.  •  workplace  that  celebrates  diversity 

>NS*  compensation  that  rewards  performance 


Get  there  with  State  Farm. 

Come  to  work  on  one  of  the  world's  largest 
computer  networks.  And  see  your  hard  work 
pay  off- in  your  salary  and  benefits.  Plus,  take 
advantage  of  opportunities  to  manage  friendly 
people  from  a  wide  variety  of  backgrounds. 
These  are  just  a  few  of  the  reasons  we  rank 
#2  in  Computerworld' s  "Best  Places  to  Work." 


or  more  information,  visit  statefarm.com’ 
Amail  jobopps.corpsouth@statefarm.com 


iff  a  good  neighbor.  State  Farm  is  theH 

jef  irm  Insurance  Companies  •  Home  Offices:  Bloommj 
Hal  Opportunity  Employer 


It’s  like  having 

the  i nsi de  track  on 

all  the  hottest  tech  jobs, 

all  the  time. 


i 

The  hottest  job  leads  you  can’t 
find  anywhere  else  are  all  right 
here.  That’s  because  Dice  is  all 
tech  jobs,  all  the  time.  Get  the 
inside  track  on  the  best  tech 
jobs.  Go  to  dice.com  today. 


©  2002  Dice  com 


I71ET2S 

Network  Service  Solution* 

NET2S  is  a  leading  International 
Consulting  and  Engineering  firm 
specializing  in  communications 
technologies.  We  are  presently 
seeking  to  fill  the  following  posi¬ 
tions: 

•  Sr.  Tibco  (RV,  Integration  Mgr) 
Developer 

•TIBCO/TRIARCH  Systems 
Engineer 

•  Sr.  Security  Systems  Engineer 
All  positions  require  BS/MS 
degree  with  a  minimum  of  2  to  3 
years  of  experience  in  the  field. 
Must  possess  excellent  commu¬ 
nication  skills  as  well. 

NET2S,  82  Wall  Street  Suite  400, 
New  York,  NY  10005;  Fax:  (212) 
279- 1 960;  Phone  (21 2)  279-6565; 
or  Email:  iobus-nv@net2s.com 


Trusted 
by  more 
hiring 
managers 
than  any 
IT  space 
in  the 
world. 


elite 

companies 


emerging 

companies 


e-ssential 

complies 


e-normous 

opportunities 


careers.com 


where  the  best 
get  better 
1-800-763-2977 
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DSL  providers  expand  service  options 


■  BY  MICHAEL  MARTIN 

DSL  companies,  like  their  cable 
counterparts,  are  beginning  to 
introduce  a  variety  of  service 
plans  and  pricing  options,  giving 
companies  with  telecommuters  a 
choice  of  paying  more  money  for 
a  high-end  service,  or  less  for  a 
basic  broadband  offering  that’s 
still  better  than  dial-up. 

Until  recently,  DSL  providers 
didn’t  offer  many  broadband  op¬ 
tions,  says  Matthew  Davis,  an  ana¬ 
lyst  with  The  Yankee  Group. 

“The  technology  wasn’t  really 
there  to  allow  them  to  differenti¬ 
ate,  but  it  is  nowf  he  says. 

Many  DSL  providers  offered 
speed  variations,  but  the  speed 
was  controlled  at  the  DSL  access 
multiplexer,  and  there  were  no 
solid  service-level  agreements  or 
quality  guarantees. 

But  now,  service  providers  are 
putting  software  systems  in  place 
that  let  them  ensure  different  lev¬ 
els  of  service  and  speed  for  differ¬ 
ent  DSL  offerings,  Davis  says. 

One  company  making  systems 
that  let  providers  offer  different 


SBC  introduces  tiered  DSL  services 

Once  fully  implemented,  the  service  speeds  will  include: 


DSL  product 

Speed:  download/ 
upload  kilobit/sec 

Recommended  uses 

DSL  Basic  Package 

Up  to  384  by  128 

Web  surfing,  e-mail,  online  research 

DSL  Standard  Plus  Package 

384  to  1,500  by  128 

Streaming  audio/video,  home  network 

DSL  Deluxe  Package 

768  to  1,500  by  256 

Telecommuting,  videoconferencing 

DSL  Standard  Plus  —  S  Package 

384  to  1,500  by  128 

VPN  access,  hosting  Web/e-mail  server, 
business-to-business  commerce 

DSL  Expert  Plus  —  S  Package 

1500  to  6,000  by  384 

Uploading  large  documents  to  shared 
server,  high-grade  videoconferencing 

DSL  flavors  is  Spirent  Communi¬ 
cations.  Spirent,  which  makes  a 
range  of  DSL  testing  and  manage¬ 
ment  software,  has  a  client  list  that 
includes  regional  Bell  operating 
companies  SBC  Communications 
and  Verizon. 

SBC  is  the  latest  provider  to 
unveil  tiered  service  and  pricing. 

In  late  August, SBC  announced  it 
would  roll  out  six  DSL  packages 
this  fall. The  packages  range  from 
a  basic  service  that  offers  down¬ 


load  speeds  of  up  to  384K  bit/sec 
and  upload  speeds  of  up  to  128K 
bit/sec  with  a  dynamic  IP 
address,  to  a  high-end  offering 
with  download  speeds  ranging 
from  1 ,5M  to  6M  bit/sec,  upload 
speeds  of  up  to  384K  bit/sec  and 
five  static  IP  addresses. 

The  main  goal  of  most  DSL  and 
cable  providers  offering  tiered 
services  is  to  attract  customers 
who  aren’t  willing  to  pay  the  cur¬ 
rent  cost  of  a  standard  broad- 
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continued  from  page  10 

fixes  to  every  machine,  and  cre¬ 
ates  detailed  assessment  and 
remediation  reports.  The  tool 
also  provides  users  with  real¬ 
time  access  to  Microsoft’s  patch 
database. 

Also  on  the  server  front, start-up 
SaberFile  will  debut  its  SaberFile- 
HQ,  an  appliance  that  controls 
access  to  files  stored  on  a  corporate  network  on 
any  platform.  The  gateway  consolidates  adminis¬ 
tration  of  file  access  rights  using  its  Policy  Manager 
feature  and  integrates  with  corporate  directories 
to  handle  authentication  of  users.The  gateway  can 
be  installed  behind  a  firewall  or  used  to  provide 
access  to  company  files  for  external  users. 

Beyond  security 

N+l  has  seen  better  days  in  terms  of  vendor  and 
attendee  turnout,  but  issues  such  as  convergence 
and  upgrading  network  infrastructures  for  the  future 
have  not  disappeared,  says  Bobby  Johnson,  CEO  of 
Foundry,  who  is  giving  a  keynote  at  the  show. 

"I  think  given  the  economy,  many  enterprises  have 
put  a  little  bit  of  a  cap  you  could  say  on  some 
deployment  plans, ’’Johnson  says.'  But  as  people  start 
looking  to  replace  old  FDD1  and  ATM  networks, 
they’ll  look  to  next-generation  Ethernet-based  solu¬ 
tions.  They  certainly  don’t  want  the  network  to  be  a 
bottleneck  down  the  road.” 

Also  at  N+l: 

•  Coyote  Point  Systems  will  announce  its 
Equalize)  7.0,  a  Layer  7-enabled  upgrade  for  the 


fcfc Wireless  networks  can  be  just 
as  secure  as  their  wired 
counterparts.  9  9 

Craig  Mathias 

Principal,  Farpoint  Group 


company’s  E-350  and  E-450  load-balancing  appli¬ 
ances.  The  Layer  7  capabilities  include  cookie- 
based  persistence,  HTTP-based  load  balancing  and 
security  with  Secure  Sockets  Layer  identification- 
based  persistence. 

•  Celestix  Networks’  FV930  VPN  appliance  will 
be  introduced  at  the  show  with  preinstalled 
Check  Point  Software  VPN-1,  Firewall-1  and 
FloodGate-1  software.  It  is  targeted  at  midsize 
networks  and  can  provide  up  to  189M  bit/sec  of 
firewall  throughput. 

•  Network  interface  card  (NIC)  vendor  Syskonnect 
will  jump  on  the  security  bandwagon  with 
announcements  that  its  Gigabit  Ethernet  fiber-  and 
copper-based  adapters  will  be  used  in  security 
products  such  as  Network  Associates’  Sniffer  and 
Internet  Security  Systems’  RealSecure  Gigabit 
Network  Sensor  security  appliance.  The  company 
also  will  announce  its  single-chip  NIC,  which  it  says 
will  cost  around  half  the  price  of  its  previous  high- 
end  Gigabit  Ethernet  adapters. 


Senior  Editor 
this  story. 


John  Fontana  contributed  to 


band  service,  says  Pat  Hurley  an 
analyst  with  TeleChoice. 

Service  tiers  let  providers  offer 
basic  packages  for  less  than  $50 
per  month,  which  is  the  standard 
rate  for  most  DSL  and  cable  plans. 

But  the  tiers  also  let  companies 
wanting  better  service  for  key 
telecommuters  pay  more  for  bet¬ 
ter  service  guarantees. 

One  pricing  tier  drawback  is 
that  companies  and  consumers 
that  are  used  to  paying  a  standard 
one-size-fits-all  fee  for  a  heavily 
used  connection  might  end  up 
having  to  pay  more,  or  settle  for  a 
lower-quality  service. 

“Consumers  are  going  to  have 
to  get  used  to  the  idea  of  paying 
for  more  when  it  comes  to  broad¬ 
band,’’  Davis  says. 

At  the  same  time,  if  the  RBOCs 
want  to  attract  higher-end  busi¬ 
ness  users  and  power  telecom¬ 
muters,  they’ll  have  to  offer  ser¬ 
vice  guarantees,  Hurley  says.  ■ 
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Cisco:  VPNs 
vulnerable 

■  BY  IDG  NEWS  SERVICE 

SAN  JOSE  —  Cisco  last  week 
warned  of  vulnerabilities  in  some 
of  its  VPN  products  that  could 
make  it  easier  for  hackers  to  get 
into  secured  networks  or  carry 
out  denial-of-service  attacks. 

Cisco  issued  an  advisory  (www. 
nwfusion.com,  DocFinder:  2158) 
detailing  13  vulnerabilities  that 
could  affect  its  VPN  3000  series 
concentrators.  Those  devices  are 
designed  to  provide  secure 
remote  access  to  enterprise 
resources  over  public  networks. 


Cisco  VPN  3000  concentrators  are 
vulnerable  to  attacks,  but  patches 
are  available. 

The  potential  problems  were 
uncovered  by  customers  and 
through  internal  development 
testing.  Cisco  is  not  aware  of  any 
malicious  use  or  public  an¬ 
nouncement  of  the  vulnerabili¬ 
ties,  according  to  the  advisory. 

The  advisory  contains  links  to 
software  patches  on  Cisco’s  Web 
site.B 
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how  you’re  going  to  deal  with  heteroge¬ 
neous  receivers,”  says  Allison  Mankin,  a 
director  of  the  lETFs  Transport  Area  who 
oversaw  development  of  this  framework. 
“This  approach  has  a  lot  of  promise.” 

The  lETFs  new  framework  targets  a  real- 
world  problem  for  corporations,  says 
Lucinda  Borovick,  director  of  data  center 
networks  with  1DC. 

“You  have  your  data  center  and  distrib¬ 
uted  sites,  and  you  need  to  find  a  way  to  get 
large  files  and  applications  from  head¬ 
quarters  to  remote  locations,”  Borovick 
says.  “Most  IT  managers  just  increase  their 
network  bandwidth,  and  hopefully  that’s 
not  too  cost-prohibitive.  But  the  files  are 
getting  so  big  that  increasing  bandwidth 
doesn’t  work.” 

Borovick  says  IT  managers  can  use  data 
compression  or  bandwidth-man¬ 
agement  techniques  to  address 
this  problem.  However, she  is  opti¬ 
mistic  about  the  multicast  ap¬ 
proach  taken  in  products  from 
Digital  Fountain  and  its  reseller, 

Cisco. 

“There’s  a  clear  need  for  this 
technology  Borovick  says. 

Digital  Fountain  is  the  leader 

Digital  Fountain,  a  leader  in  de¬ 
veloping  products  to  support  the 
lETFs  Reliable  Multicast  Transport 
framework,  has  several  customers, 
including  Seibel  and  BeopleSoft. 

These  companies  use  Digital  Foun¬ 
tain’s  specialized  servers  to  ensure 
timely  and  predictable  delivery  of 
software  builds  to  development 
teams  in  Europe,  Asia  and  South 
America. 

PbopleSoft  sends  between  60 
and  70  software  builds  per  week 
to  its  14  offices  worldwide,  and  those  files 
range  in  size  from  50M  to  400M  bytes,  says 
Graham  Begg,  manager  of  environment 
global  operations.These  files  are  sent  over 
the  company’s  private  frame  relay  net¬ 
work,  which  has  connections  ranging 
from  256K  to  2M  bit/sec. 

BeopleSoft  wanted  an  automatic  system 
for  sending  these  files  in  the  most  efficient 
way  over  low-bandwidth  connections. 
More  important  than  speeding  up  the  de¬ 
livery  time  for  these  files  was  guaranteed 
delivery  within  a  specified  time  frame  re¬ 
gardless  of  the  network  going  down  or 
being  congested. 

“It’s  the  reliability  and  the  predictabil¬ 
ity  that  we  were  looking  for,”  Begg  says. 
“We  need  to  know  that  on  a  particular 
day  at  9  a.m.  local  time  the  file  will  be 
available.” 

So  BeopleSoft  purchased  Digital  Fount¬ 
ain’s  Transporter  Fountain,  which  has 
operated  in  production  mode  for  four 
months.  So  far,  the  Transporter  Fountain 
has  successfully  delivered  all  of  People- 
Soft’s  files  within  one  hour  and  45  minutes 
as  programmed. 

Begg  says  the  Transporter  Fountain  cost 


about  $50,000  and  required  no  more  than 
20  manhours  to  set  up. 

“The  return  on  investment  will  come 
when  we  experience  some  catastrophic 
event  on  the  network  that  would  have 
prevented  a  file  [from]  getting  where  it 
needs  to  go,”  Begg  says.  “The  ROI  comes 
when  we  don’t  lose  development  time.” 

Begg  set  up  the  Transporter  Fountain  in 
unicast  or  point-to-point  mode,  but  plans 
to  migrate  to  multicast  mode  soon. 

“That  will  further  reduce  our  hit  on  the 
network  and  improve  our  WAN  perfor¬ 
mance,”  Begg  says.  “That’s  when  we’ll  get 
the  real  benefit.” 

Luby's  encoding  technique 

In  addition  to  supporting  the  IETF’s 
Reliable  Multicast  Transport  work,  Digital 
Fountain’s  servers  also  boast  a  patented 
mathematical  encoding  technology  de¬ 
veloped  by  the  company’s  co-founder 


and  CTO,  Michael  Luby  This  encoding 
technique  breaks  up  large  data  files  for 
delivery  across  a  network. 

In  traditional  data  delivery,  a  large  file  is 
chopped  up  into  small  pieces  and  sent 
over  a  WAN  with  an  acknowledgement  of 
delivery  sent  back  for  each  piece.  All  the 
pieces  have  to  get  to  their  destination  in 
the  right  order  for  the  data  to  be  deliv¬ 
ered.  If  the  transmission  is  interrupted,  the 
whole  process  starts  over. 

Luby’s  algorithm  turns  data  into  a  series 
of  equation-like  packets  called  Meta- 
Content.  Each  packet  has  mathematically 
encoded  information  about  the  entire  orig¬ 
inal  file.  So  it  doesn’t  matter  which  Meta- 
Content  packets  arrive  or  in  what  order,  as 
long  as  enough  of  them  are  received.  What 
constitutes  “enough”  varies  by  application. 
If  the  network  connection  is  interrupted, 
the  transmission  of  the  Meta-Content  pack¬ 
ets  will  start  from  where  it  left  off. 

“Meta-Content  packets  are  like  little  sol¬ 
diers,”  Luby  explains.  “It  doesn’t  matter 
which  ones  get  through  as  long  as  enough 
get  through." 

Luby’s  innovation  gets  high  marks  from 
IETF  officials  who  have  worked  with  him 


on  the  Reliable  Multicast  Transport 
framework. 

“Digital  Fountain  is  really  the  creator  of 
this  class  of  multicast  applications,”  Man- 
kin  says.“Luby  has  created  a  very  success¬ 
ful  piece  of  mathematics  that’s  proprietary 
to  Digital  Fountain. . . .  But  he’s  also  done 
well  with  the  protocol  work.” 

Luby  and  Digital  Fountain  have  been  in¬ 
volved  in  the  lETFs  Reliable  Multicast 
Transport  work  from  the  beginning. 

The  focus  of  the  IETF’s  Reliable  Multicast 
Transport  working  group  was  to  prevent 
congestion  problems  from  the  use  of  mul¬ 
ticast  communications  for  large  file  distrib¬ 
ution.  Multicast  employs  the  User  Data¬ 
gram  Protocol  (UDP)  running  on  IP  rather 
than  the  more  common  TCP  running  on  IP 
Unlike  TCPUDP  does  not  have  built-in  con¬ 
gestion  control. 

“You  can’t  really  do  multicast  with  TCP 
because  [multicast  requires]  two  peers 


talking  to  each  other,”  Mankin  explains. 
“You  have  to  find  a  way  to  do  congestion 
control  with  something  other  than  TCP 
The  job  of  the  Reliable  Multicast  Transport 
working  group  was  to  find  acceptable 
congestion  control  for  these  applications.” 

IETF  seeks  requests  for  comments 

The  IETF  on  Aug.  27  approved  the  first 
two  documents  from  the  Reliable  Multicast 
Transport  working  group  as  experimental 
requests  for  comments  —  an  interim 
phase  before  full  standardization. 

The  documents  together  make  up  a  flex¬ 
ible  framework  for  the  distribution  of 
large,  static  files  across  the  Internet.  The 
Layered  Coding  Transport  (LCT)  docu¬ 
ment  describes  how  the  sender  can  split  a 
large  file  over  multiple  multicast  channels 
to  speed  up  delivery  and  avoid  network 
congestion.  The  Asynchronous  Layered 
Coding  document  describes  how  to  use 
any  forward  error-correction  encoding 
technique  —  such  as  Luby’s  Meta-Content 
packets  —  over  the  LCT  protocol.  Luby 
and  engineers  from  Cisco 
and  Microsoft  co-auth¬ 
ored  these  documents. 


Jim  Gemmell,  a  Microsoft  researcher 
and  co-author  of  the  two  documents,  has 
tested  these  protocols  to  distribute  a 
600M-byte  Windows  2000  software  build 
to  Microsoft’s  developers. 

“Every  night,  we  put  out  the  latest  soft¬ 
ware  build,  and  hundreds  of  developers 
need  it  the  next  morning.  It  loads  up  our 
network,”  Gemmell  explains.  “I  can  [dis¬ 
tribute  the  build]  off  my  notebook  com¬ 
puter  using  a  one-half-megabit  multicast 
stream  and  satisfy  everybody  quicker  than 
if  they  all  pounded  on  our  servers.” 

Other  applications  Gemmell  has  tried 
include  distribution  of  PowerPoint  presen¬ 
tations  and  software  fixes. 

“The  first  time  there  was  an  Internet  Ex¬ 
plorer  upgrade,  we  wiped  out  Washington 
state’s  Internet  infrastructure  with  the 
demand,”  Gemmell  says. “We  could  pretty 
easily  use  multicast,  and  it  would  scale 
easier  and  use  fewer  network  resources.” 

What's  next? 

Next,  the  Reliable  Multicast  Tran¬ 
sport  working  group  plans  to  de¬ 
velop  protocols  that  will  support 
the  distribution  of  large  data  files 
that  are  created  on  the  fly  such  as 
live  video  feeds  and  stock  quotes, 
vs.  the  static  files  that  the  group’s 
first  two  documents  handled. 

The  initial  working  group  docu¬ 
ments  might  be  a  shot  in  the  arm 
for  multicast,  which  has  yet  to 
gain  popularity  despite  built-in 
support  in  most  routers  and  net¬ 
work  hardware.  Originally  de¬ 
signed  for  streaming  video,  multi¬ 
cast  has  few  carriers  that  support 
it  and  there  is  little  use  within 
enterprise  networks.  Distribution 
of  large  files  might  be  the  “killer" 
application  for  multicast,  obser¬ 
vers  say. 

“What’s  going  to  push  multicast 
for  this  application  is  the  size  of  the  con¬ 
tent  and  how  fast  it’s  increasing  and  how 
pervasive  the  problem  is,”  Borovick  says. 
“The  pain  is  going  to  have  to  be  greater 
than  the  cost  for  enterprises  to  adopt  this 
approach.” 

Gemmell  says  the  multicast  approach  to 
large-file  distribution  will  save  companies 
money  on  bandwidth  and  server  capacity. 

“The  beauty  of  it  is  that  it  lets  some¬ 
body  become  a  source  of  data  to  a  huge 
community  without  having  to  scale  up 
to  a  massive  server,”  Gemmell  says. “Any 
group  without  even  a  fast  link  or  a  big 
server  could  support  tons  of  users.” 

Gemmell  says  the  multicast  approach  is 
ideal  for  companies  that  use  satellite  com¬ 
munications  for  data  transfer  because  it 
requires  no  acknowledgements  coming 
back  from  the  receivers  as  the  message  is 
sent.  Another  good  application,  he  says, 
would  be  for  large  data  centers  that  regu¬ 
larly  repurpose  servers. 

“If  you  have  to  blast  a  disk  image 
out  that’s  80  gigabytes  to  multiple  ma¬ 
chines,  if  you  don’t  multi¬ 
cast,  you're  in  big  trouble,” 
he  says.  H 


Special  delivery 


Start-up  Digital  Fountain  has  developed  an  encoding  technique  that  can  be  used  in 
conjunction  with  a  new  IETF  framework  to  speed  distribution  of  large  files  over  IP 
networks  by  reducing  packet  acknowledgement  and  resending. 


Meta-Content 

server 

Current  way:  With  traditional  FTP, 
each  packet  has  to  be  received  in 
order  and  acknowledged.  If  a  packet 
is  lost  or  no  acknowledgement  is 
received,  the  packet  is  resent.  If  the 
connection  is  lost,  all  packets  have 
to  be  resent. 


Digital  Fountain’s  technology  (above): 

(1)  A  1  G-byte  file  is  broken  into  Meta-Content 
packets,  each  of  which  contains  mathematically  encoded  information 
describing  the  entire  original  file.  (2)  The  packets  can  arrive  in  any 
order,  (3)  do  not  require  acknowledgement  and  (4)  won't  be  disrupted 
by  lost  connections  because  the  sender  simply  keeps  sending  Meta- 
Content  packets  until  enough  arrive  to  re-create  the  original  file. 
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Systems  for  megalomaniacs 


“CRM  projects  are  notoriously  com¬ 
plex,  often  ouer  budget  and  frequently 
disappointing. . . .  Research  firm  Gart¬ 
ner  says  that  through  2006,  more  than 
50%  of  all  CRM  implementations  will 
be  viewed  as  failures  from  a  cus¬ 
tomer's  point  of  view!’ 

—  from  a  Network  Work  Fusion  article 
(www.nwfusion.com,  DocFinder:  2153) 


During  the  past  few  months  there  have  been  many 
stories  about  companies  that  set  out  to  create  com¬ 
prehensive  CRM  and  enterprise  resource  planning 
(ERP)  systems  only  to  find  out  they  couldn’t  be  built. 

Last  year  Highmark,a  health  insurer,  sued  KPMG 
Consulting  for  “tens  of  millions  of  dollars  over 
what  it  says  was  the  consultancy’s  failure  to  create 
a ‘critical’ electronic  billing  and  accounts  receiv¬ 
able  system.  Highmark  said  KPMG  abandoned  the 
two-year,  $15  million  project  [after  running]  over 
schedule  by  more  than  a  year  and  attempted  to 
charge  the  insurer  an  additional  $8  million  to  com¬ 
plete  the  first  phase  of  the  project”  (see  Computer- 
World  article  at  DocFinder:  2154). 

There  could  have  been  incompetence  on  either  or 
both  sides.  But  even  if  everyone  involved  —  the  cor¬ 
poration,  the  target  users  and  the  teams  responsible 
for  design,  coding,  implementation  and  configura¬ 


tion  —  is  in  agreement  about  what  the  brass  ring 
looks  like  and  how  to  grab  it,  once  the  carousel  is  in 
motion,  nabbing  the  ring  becomes  impossible. 

That’s  because  of  the  complexity  involved.  Hu¬ 
mans,  even  with  computers,  can  build  only  to  a  cer¬ 
tain  level  of  complexity,  because  there  are  real  lim¬ 
its  to  our  ability  to  extract  information  from  data. 

Complexity  Theory  is  a  branch  of  science  that 
attempts  to  model  systems  that  are,  well,  complex. 
Its  central  idea  is  that  simple  objects  create  elabo¬ 
rate  and  unexpected  behavior  through  interaction 
(go  to  DocFinder:  2155  for  more  information). 

Moreover,  it  suggests  that  “critically  interacting  com¬ 
ponents  self-organize  to  form  potentially  evolving 
structures  exhibiting  a  hierarchy  of  emergent  system 
properties”  (see  “Insights  from  complex  systems,” 
DocFinder:  2156). That  means  that  a  system  can  do 
things  you  never  imagined. 

To  sum  all  of  that  up:  Put  some  stuff  together  that 
does  anything  more  than  just  sit  there  and  rust,  and 
if  it  interacts  you’ll  get  more  than  you  bargained  for. 

Is  it  any  surprise  then  that  these  CRM  and  ERP  pro¬ 
jects,  which  verge  on  megalomania,  frequently  fail? 
But  if  some  control  freak  executive  gets  it  in  his 
head  that  “We  can  build  a  total  solution”  and  per¬ 
suades  others  that  this  idea  is  the  truth  and  the  light, 
surprisingly  many  corporations  just  can’t  say  no. 

Dick  Morleythe  man  who  invented  the  floppy  disk, 


once  said  of  factories,  which  are  hugely  complex 
systems:“You  don’t  have  a  prayer  in  hell  of  ever 
understanding  factories. You  really  don’t  have  con¬ 
trol.  By  striving  to  get  control, you  only  make  it 
worse.”The  same  applies  to  CRM  and  ERP  in  spades. 

Now  to  add  to  these  grandiose  corporate  control 
fantasies  we  have  a  new  one:  grid  computing. 

According  to  my  Network  World  colleague,  fellow 
columnist  Frank  Dzubeck  (DocFinder:  2157):“[A] 
grid  is  an  amorphous  IP  network  that  links  hetero¬ 
geneous  servers,  storage  devices,  clients,  appliances 
and  software  to  form  a  transparent  virtual  resource 
that  can  be  dynamically  allocated,  accessed  and 
shared  by  users  and  applications." 

Sounds  sexy  but  let’s  get  real. The  complexity  of 
such  solutions,  if  they  are  to  be  enterprise  scale, 
will  lead  to  vast  expense  and  huge  management 
overhead,  and  a  whole  new  universe  of  problems. 

And  imagine  the  problems  that  we'll  have  when 
CRM  and  ERP  systems  rely  on  grid  infrastructures! 

We,  the  high-tech  culture,  radically  overestimate 
our  ability  to  handle  complexity  and  what  we  can 
build,  and  underestimate  our  ignorance  of  how  sys¬ 
tems  really  work. 

As  a  wise  sage  once  wrote, “Keep  it  simple, stupid.” 

Thoughts,  simple  or  complex,  to  backspin@ 
gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

The  good  news  one  year  later 

We  will  hear  often  this  week  about  how  the 
attacks  of  Sept.  11  have  fundamentally  and  irre¬ 
versibly  changed  life  in  America. 

True  enough.  But  also  true  is  that  the  worst  fears 
of  many  have  failed  to  materialize,  particularly  with¬ 
in  the  particular  subset  of  U.S.  society  that  is  our 
industry. 

Despite  repeated  dire  warnings  to  the  contrary,  we  stand  a  year  after  the  worst 
assault  on  our  country  since  Pearl  Harbor,  and  terrorists  have  yet  to  disrupt  the 
power  grid,  our  telephone  networks  or  the  Internet.  If  they  have  attempted  to  harm 
major  U.S.  e-commerce  operations  through  computer  viruses,  such  efforts  have 
been  thwarted  or  crudely  ineffective. 

In  short,  there  is  good  news  to  make  note  of  in  addition  to  all  of  this  week’s 
solemnity  and  remembrance.  Which  isn’t  to  suggest  that  the  absence  of  addi¬ 
tional  terrorist  activity  has  or  should  have  bred  complacency. 

A  recent  survey  commissioned  by  AT &T  shows  that  three  out  of  four  large 
companies  now  have  a  formal  business-continuity/disaster-recovery  plan,  and 
that  three-quarters  of  those  companies  have  reviewed  the  adequacy  of  their 
plans  since  Sept.  11.  More  than  half  of  those  polled  report  that  network  and  IT 
security  have  become  more  important  issues  within  their  companies  since  that 
most  brutal  of  wake-up  calls. . . .  Prudence  reigns. 

Yet  in  the  immediate  aftermath  of  Sept.  11,  implicit  in  all  of  the  calls  for  greater 
attention  to  disaster  preparedness  was  the  assumption  that  disasters  of  the 
manmade  kind  would  inevitably  become  more  common  . . .  even  commonplace. 

As  of  this  writing,  at  least,  that  assumption  has  proven  unfounded,  and  for  that 
we  should  take  a  moment  to  be  thankful. 


Slingshot  mortally  wounded 

Last  November  we  wrote  about  a  prepaid  Internet  access  company  called 
Slingshot  —  $10  for  a  CD  that’ll  give  you  10  hours  online  —  and  the  item  carried 
this  headline:  “Who  would  have  thought  this  was  a  market?" 

Now  we  know  the  answer  to  that  question:  not  enough  customers. 

Slingshot  went  belly  up  recently  and  reportedly  left  some  25,000  customers 
holding  the  bag  for  16  million  minutes  of  prepaid  Internet  service  that  they  will  be 
unable  to  use.  A  company  executive  told  the  Seattle  Post-Intelligencer  that 
Slingshot  was  trying  to  make  arrangements  for  another  service  provider  to  do 
right  by  those  customers,  but  that  refunds  would  not  be  forthcoming. 

As  often  happens  in  the  wake  of  such  news,  competitors  were  stepping  forward 
last  week  to  volunteer  their  services  to  help  fill  the  void  created  by  Slingshot's 
demise.  Buzz  received  pitches  from  two  such  companies  —  Pine  Creek  Systems 
and  BAMnet.  Pine  Creek  brags  about  having  been  around  since  1997,  and  BAMnet's 
founder  talked  a  good  game  when  we  profiled  that  company  in  the  spring  of  2001. 

Needless  to  say,  caveat  emptor. 

Baseball  needs  fewer  lawyers 

Why  are  the  people  who  run  Major  League  Baseball  so  intent  on  driving  base¬ 
ball  fans  to  choose  another  pastime? 

The  narrowly  averted  players'  strike  was  difficult  enough  to  tolerate,  but  now 
comes  news  that  MLB  has  unleashed  its  lawyers  on  a  handful  of  fans  who  care  so 
passionately  about  their  respective  teams  that  they  built  Web  sites  for  the  like- 
minded  among  them.  The  alleged  sins  perpetrated  by  these  site  operators  didn’t 
amount  to  a  hill  of  scuffled  baseballs. 

National  Football  League  fans  build  their  share  of  such  Web  sites,  and  the  NFL’s 
policy  is  to  leave  them  be  unless  they  become  expressly  commercial. 

Want  to  sling  a  shot  my  way?  The  address  is  buzz@nww.com. 


Reasons  Than  Ever 

Choose  Canob 


SwV3»j 


VERSATILE  STANDARD 
25-622Mbps 


CANOBEAM  DT-30 


GIGABIT  ETHERNET 
1.25Gbps 


ECONOMICAL  QUALITY 
10-156Mbps 


Three  Canobeam  FSO  Product  Lines  Offer  Versatility, 
Affordability  And  Application  Specific  Requirements. 


The  DT-55  includes  all  features  offered  in  the 
DT-50  but  with  even  faster  Gigabit  Ethernet 
connectivity  capabilities. 


Now  there  are  two  great  additions  to  Canon’s 
Canobeam  DT-50  fiberless  (FSO:  Free  Space  Optics) 
transceivers:  The  Gigabit  Ethernet  DT-55,  and 
Economical  DT-30.  AH  Canobeams  set  up  in  minutes 
require  no  FCC  licensing  or  channel  allocation,  and 
operate  interference-free,  insuring  reliable, 
confidential  transmission. 


The  DT-30  is  a  lower  cost  transceiver  for  applications  .  ; 
with  shorter  link  distances  (up  to  500m),  where  '  ' 

auto-tracking  is  not  required.  The  DT-30  supports' 
data  rates  of  10  to  156  Mbps. 

if'  .  ••  - 

The  full  line  of  Canobeams  lets  customers  select  the 
appropriate  system  for  their  application  and  budget, 
from  ILECs  and  CLECs  looking  to  bridge  the  last  mile, 
to  enterprise  customers  connecting  campus  LANs.. 


The  DT-50  is  a  cost-effective  solution  that  features 
Canon’s  most  advanced  Auto-Tracking  System,  622 
Mbps  (ATM/OC-12)  transmission  speed,  links  of  up 
to  2  kilometers,  and  FDDI  and  Fast  Ethernet  using 
intercha n g eab le  ca rd s . 


For  more  info:  Call  1-800-321-4388 

(In  Canada:  905-795-2012) 
http://www.canobeam.com 


trademark  of  C^poninc.  ©2002  Canon  USA,  Inc, 


Canon  is  a  registered  trademark  and  Canon  Know  How  is  a 


Foundry  Networks’  Fastlron  Layer  2/3  switches  let  you  deploy  a  single  architecture  T©V 

enterprise-wide  that  yields  higher  performance,  better  ROI,  and  lower  Total  Cost  *sic  * 

of  Ownership.  Fastlrons  have  unparalleled  port  density:  up  to  672  10/100  ports,  232  Gigabit  Ethernet 
ports,  or  14  10-Gigabit  Ethernet  ports  in  a  single  modular  system.  Featuring  sFlow,  Fastlron  switches 
provide  wire-speed  network  monitoring.  Plus  the  Fastlrons  offer  superior  QoS  and  multicast  cap  Til 
ities,  wire-speed  bandwidth  management,  and  IronShield  security.  Learn  more  about  Fastlron  today  at 
L888.TURBOLAN  (887-2652)  or  www.foundrynetw orks.com/fi. 


NetworkWorld 


Pass-Along  Application 


To  qualify:  You  must  supply  your  name,  title  and  company  name/address/phone  on  the  business  reply  panel  below.  Please  print  clearly. 

]  My  home  is  also  my  business  address  Optional  delivery  address:  Enter  your  home  address  below  if  your  company  will  not  accept  delivery  at  your  business  address 

□  YES!  I  want  to  continue  to  receive  my  FREE  subscription  to  Network  World,  -  -  - 

the  leading  industry  resource  for  network  IT  executives.  C  No,  thank  you  treet  dress  ,Home 


If  there  is  a  parent  company,  please  provide  name 


Date 


Signature 

PubWer  mtrm  the  nfriMo  wrv?  only  ttcw  ndwouatt  »nc  -nect  pubfccabor  adfatcm  AJ  questons  nvst  be  answered  Incompete  farms 
«i  not  processM  atocnptons  svafet*  to  qutftod  U.S  appfccanL  International  rates  avatt*  upon  r«au«l 


City 


State 


Zip 


Internet  E-mail  Address 


What  is  the  estimated  numbet  of  employees  in  your  entire  organization/at  your  location? 

(check  ONE  n  each  section  onM 


Manufacturing  tciher) 

Finance/Banking 

Insurance/Real  Estata'Legal 

Health  Care  Services 

Hospitality/Entertainmenl'Recreation 

Medta/TV/CabterRadio/Print 

RetaitWholesale  Trade/Business  Services 

Transportation 

Utilrties/Process  Industries  IMmgiConstnjctkini 
Petroleum  RefkwgJAgnculturelForestry) 

Govemmenl/Military 
Consulting  (independent)* 


18.  □ 


Education 

Carriers/Voice/Data/ISP 
Web  Hosting/HSP 
ASP/SSP/MSP 

ManJachjrigCcrrrMjierrCwntnceeor&iOEM 
Resellers/VARs/VADs/Integrators/ 
Distributors  (Computer%IComnvKabons)* 
Other 


A. 

ENTIRE  ORGANIZATION 

B.  AT 

1. 

Over  20,000  6.  □  500  to  999 

1. 

2. 

10,000  to  19,999  7.  LI  499  or  Less 

2. 

3. 

5.000  to  9,999 

3. 

4. 

2,500  to  4.999 

4. 

5. 

1,000  to  2,499 

5. 

B.  AT  YOUR  LOCATION 


6.  _ 


10,000  to  19,999  7.  250  to  499 


1,000  to  2,499 


500  to  999 


'ATTN  CONSULTANTS,  INTEGRATORS  DISTRIBUTORS. 
RESELLERS  PLEASE  COMPLETE  FORM  BASED  ON  ALL 
CLIENTS  AND  YOUR  OWN  BUSINESS  NEEDS 


Please  indicate  the  Weh/Secunty/LAN/kitemetworidng/Wiretess/Mobile/WAN  Equipment/Canier 
Services  that  you  are  currently  involved  in  purchasing  or  plan  to  purchase,  (check  ALL  that  apply) 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 


B.  PLAN  TO  PURCHASE 


P:  What  is  yout  primary  job  function?  (check  one  onM 
A:  What  additional  job  functions  are  you  involved  in?  (check  ALL  that  apply) 

PA  PA 

1 ,  f_  Network  Management  Q  6.  D  Engineering  Management/ 

_  CtOCTO/CSOilSTT/MiaSystems  Management  Applications  Management 

_  LAN  Management  U  7.  LJ  Corporate  Management  (CEO,  COO, 

_  Datacom/Telecom  Management  —  — .  CFO.  Pres..  VP.  Dir..  Mgr.) 

ZJ  Memet/lritranet/WebF-Commerce  Management  i — j  8. 1 — I  Consultant  (Independent) 

What  is  the  estimated  value  of  network  equipment  and  services  that  you  specify, 
recommend,  or  approve  the  porchase  of  for  this  location  and  for  all  other  locations? 

A  THIS  LOCATION  B.  ALL  OTHER  LOCATIONS 

(Plea*  BBS  the  appropnate  number  code  on  the  kne  next  to  each  product  category.  Please  complete  ALL  categones  A-R) 


WEB 
A  B 


2. 

Zj3. 

4. 

5. 


WIRELESS/MOBILE 

A  B 


01. 

Web  Servers/Software 

40. 

02. 

Web  Traffic  Management 

41. 

03. 

Electronic  Commerce  Tools 

42. 

04. 

Web  Development  Tools/Content  Mgmt. 

43. 

05. 

Web  Collaboration/Groupware 

44. 

06. 

Web  Acceletation/CachingLoad  Balancing 

45. 

07. 

Web  Hosting  Services 

08. 

Portal/Intranet 

WAN  EQ 

09. 

Other  Web 

A 

B 

1.  $100  Million  a  More 
Z  $50  Million  to  $99.9  Million 
1  $25  Minion  to  $49.9  Million 

4.  $10  Million  to  $24.9  Million 

5.  $1  Million  to  $9.9  Million 

6.  $100,00  to  $999,999 

7.  $50,000  to  $99,999 
8  Under  $50,000 

a  None  of  the  above 


A  B  A  B 

_  A.  _  Large  Systems  (Mantmes/unsi  _  I.  _ 

_  B._  Desktops  (ttoosta*ps«woaimi)  _J. 

_  C.  _  Mobile  l/nduding  PDAs  Metes)  _  K. 

_  D.  _  Servers  _  L 

_  E._LANs  _ M. 

F.  WAN  Equipment  _  N. 

_  G.  _  Carrier  Services  _  O. 

_  H.  _  Intemet/Web/E-Commecce  _  P. 


Intranet/Extranet 
htemetvmikrg  wa?  roubs  Sttnea 
.Storage 
Remote  Access 
_  Peripherals  (hcuxtigfwas 
.Software 

.  Services/Support  Services 
Security 


SECURITY 

- 

46. 

A 

B 

47. 

10. 

Firewalls 

48. 

11. 

Anti-Virus  Software 

cn 

12. 

Public  Key  Encryption  ( pki ) 

OU. 

51. 

13. 

DES  Encryption  Tools 

52. 

14. 

Authentication  Tools 

co 

15. 

Intrusion  Detection 

_ 

DO. 

CA 

16. 

Biometrics 

— 

OH. 

C.C. 

17. 

VPN  Equipment 

DD. 

56. 

18. 

VPN  Security 

57. 

19. 

VPN  Services 

co 

20. 

Other  Security 

DO. 

59. 

Ja  M  What  is  the  total  number  of  sites  fot  which  yoo  have  porchase  influence? 

(check  Qt£  only) 


1.D100+  2.  □  50  to  99  3.  □  20  to  49  4,Dl0to19  5.D2to9  6.Dl  7.DNone  — 


What  is  the  total  number  of  Servers/Clients  installed/planned  at  your  location/in  your  entire 

Organization?  (check  ONE  hox  in  each  column) 


At  Location  SERVERS  Entire  Org. 


At  Location  CLIENTS  Entire  Org.  =  34.  = 


A 

B 

C 

D 

i. 

50,000+ 

1. 

50,000+ 

_ 

2. 

10.000  to  49.999 

_ 

2. 

10,000  to  49.999 

3. 

1,000  to  9,999 

3. 

1,000  to  9,999 

4. 

100  to  999 

4. 

100  to  999 

5. 

50  to  99 

5. 

50  to  99 

_ 

6. 

10  to  49 

6. 

1 0  to  49 

_ 

7. 

1  to  9 

7. 

1  to  9 

_ 

8. 

None 

8. 

None 

Wireless/Cell  Phones 


Mobile  Data  Equipment/  Services 
45. _ Other  Remote/Wireless 


46.  |_|  Frame  Relay  Equipment 

Bandwith  Managers/Shaping/QOS  Tools 
48.  [_|  Optical  Networks/Switches 
Voice/Video  over  IP  Gateways 
Modems/Cable  Modems 
xDSL  Products 
Diagnostic  Test  Equipment 
DSUs/CSUs 
PBXs 

55. _  Public  Network  Equipment 

Call  Center  Tools 
Video  Conferencing  Gear 

58. _  ISDN  Equipment/Services 

Other  WAN  Equipment/Services 

CARRIER  SERVICES 
A  B 

Internet  Access  Service/ISP 
Private  Lines 
Frame  Relay  Services 
ADSL/DSL 
T-1/T-3  Services 
ATM  Services 
Managed  Services 
LAN-Extension  Services 
OC-3/OC-12 
Wavelength  Services 
Other  Carrier  Services 

A  B 

None  of  the  above  (1-70)  [ZH  71.  CZ! 


Fast  Ethernet 
Gigabit  Ethernet 
Layer  3-7  Switches 
ATM  Switches 
Routers 

Network  Attached  Storage  (NAS) 
Storage  Area  Networks  (SANs) 

Storage  Backup  (Optical.  Disk,  Tape,  RAID) 
Disaster  Recovery/Business  Continuity 
Storage  Resource  Management 
Network  Test/Diagnostic  Tools/Analyzers 
Uninterruptible  Power  Supplies  (UPS) 
Network  Interface  Cards  (NlCs,  PCMCIA ) 
Hubs/Intelligent  Hubs/Stackable  Hubs 
Cables,  Connectors,  Baiuns 
Wiring/Fiber  Systems 
Net  Management  Systems 
Voice  over  IP  (VoIP)  Tools 
Other  LAN/Intemetworking 


Please  indicate  the  Systems/Peripherals/Software/Applications/Gusiness  Services 
that  you  are  currently  involved  in  purchasing  or  plan  to  purchase,  (check  all  that  apply) 


60. 

61. 

_ 

62. 

63. 

64. 

65. 

66. 

_ 

67. 

_ 

68. 

69. 

_ 

70. 

_ 

What  is  your  scope  and  involvement  in  purchasing  decisions  for  network  products 
L  ®  and  services  for  yout  enterprise? 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 
SYSTEMS/PERIPHERALS 


B.  PLAN  TO  PURCHASE 


A.  SCOPE  (check  QN£  only) 

Corporate/Enterprise 

1 .  Entire  Enterprise/Multiple  Enterpnses 

2.  | _ i  Multinational  Enterprise 

3.  U  Division/Multiple  Divisions 

4.  □  Department 
5. .  J None 


B.  INVOLVEMENT  (check  ALL  that  apply) 

1 .  D  Create  Network/IT  Strategy 

2.  _  Create  Short  List 

3.  _  Recommend/Specify  Brand 

4.  _  Authorize/Approve  Purchase 

5.  _  Evaluate  Products/Services 

6.  _  Determine  the  Need 

7.  U  None 


A 

01. 

B 

02. 

03. 

04. 

05. 

06. 

07. 

08. 

09. 

10. 

Rise-based  Servers 


Blade  Servers 
Print/Fax/Video  Servers 


11. 

12. 

_ 

13. 

_ 

14. 

15. 

Mainframes 


12.  _  Network  Copiers/Printers  (hybrids) 

13. P  Endosures/Racks/Fumiture 
KVM  Switches 

15.  LI  Other  Computers/Peripherals 

SOFTWARE/ APPLICATIONS 
A  B 


Desktop/Server  Operating  Systems 
Network/Systems  Management 


16. 

17. 

18. 

If  military,  please  specify  branch  and  base 

If  government,  please  specify  division 

(Question  #9  -  Continued) 

A  B 

19. 

20. 

21. 

22. 

23. 

24. 

25. 

26. 

27. 

28. 

29. 

30. 

31. 


Application  Management 

_ SLA  Management 

Directory  Services 
_|  E-Mail/Unified  Messaging 
_ Groupware 

Database  Management  Systems 
Customer  &  Supplier  Resource  Mgmt  SflWCflM 
Enterprise  Resource  Planning  (EBP) 

XML  Tools 

Desktop  Videoconferencing 
Middleware 

Data  Warehousing/Business  Anaiytics/EIS 
Enterprise  Application  Integration  (EAi) 


032.  Lj  Applications  Development  Tools 
33.  U  Other  Software/Applications 

BUSINESS  SERVICES 

A  B 

□  ASP/MSP/SSP  Services 
_  Systems  Integration/Consulting 
_  EducatiorvTraining  Services 
_  Other  Services 

A  B 

None  of  the  above  (1-37)  038.1 


34. 

35. 

_ 

36. 

_ 

37. 

_ 

•1  Please  indicate  the  platforms  that  are  currently  installed/planned,  (check  all  that  apply) 


A.  CURRENTLY  INSTALLED 


NETWORK  PROTOCOLS 

A  B 

TCP/IP  v4 
TCP/IP  v6 


NETBIOS/NETBUEI 


01. 

02. 

03. 

_ 

04 

_ 

05. 

06. 

07. 

_ 

LAN/WAN 

A 

B 

_ 

08. 

09. 

_ 

10. 

11. 

12. 

_ 

13. 

14. 

15. 

16. 

_ 

17. 

18. 

19. 

20. 

B.  PLAN  TO  PURCHASE 


Frame  Relay 

Private  Une  T1 .  T3.  OC-3,  OC-12 
Other  LAN/WAN  Environment 

DESKTOP/SERVER  OPERATING  SYSTEMS 

A  B 


21. 

22. 

23. 

Gigabit  Ethernet 
Switched  Ethernet 
Fast  Ethernet 
Ethernet 
ATM 

Token  Ring 

Layer  3-7  Switching 

FOCI 

Fibre  Channel/ISCSI 
Wireless  LANs 


ISDN 


~ 

24. 

Windows  XP 

25. 

Windows  2000 

26. 

_ 

Windows  95/98/ME 

27. 

_ 

Windows  NT 

28. 

_ 

Novell  (NetWare  6.X.  5.X.  4.X  XX  2.X) 

29. 

Linux 

30. 

_ 

UNIX 

31. 

SOLARIS 

32. 

_ 

IBM  MVS/VM/VSE/ESA 

33. 

OS/400 

34. 

_ 

Digital  VMS 

35. 

Macintosh 

36. 

_ 

Palm  OS 

_ 

37. 

Windows  CE 

— 

38. 

— 

Other  Operating  System 

A  B 

None  of  the  above  (1-38)  O  39. 0 


Which  nf  the  following  haidware  platforms  aie  installed/planned  in  your  company? 

(check  ALL  that  apply) 


A.  SERVERS 

B.  WO 

01. 

IBM  (Mainframes) 

01. 

02. 

IBM  RS/6000 

02. 

03. 

IBM  AS/400 

03. 

04. 

Digital/Tandem/Compaq 

04. 

05. 

Unisys 

05. 

06. 

H-P 

06. 

07. 

Other 

07. 

IBM 

Dell 

Gateway 

Fujitsu 


08.  _  Toshiba 
09.  _  Sony 
10.  _  Apple 
11.0  Other 


B 


What  is  the  estimated  gross  revenue  of  your  entire  company/institution?  (check  Qh£  only) 


01. 

$20  Billion  or  More  05. 

02. 

$10  Billion  to  $19.9  Billion  06. 

03. 

$1  Billion  to  $9.9  Billion  07. 

04. 

$500  Million  to  $999.9  MlllionOS. 

_ 

$100  Million  to  $499.9  Million  09. 


$50  Million  to  $99.9  Million 
$10  Million  to  $49.9  Million 


10. 


□  $4 

□  No 


9  Million  or  Less 
None  of  the  above 


m 


For  which  aieas  outside  of  the  U.S. A.  do  you  have  purchase  influence? 


_  Europe 

3. _  South  America 

5-C 

1  Middle  East 

7-F 

J  Canada 

1 _ 1  Asia 

4.1 _ 1  Australia 

6.L 

J  Africa 

8.  L 

J  None 
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E  FAMILY 


MULTIPROTOCOL  ROUTING 


GIGABIT  ETHERNET  UPLINKS 


lOOOBASE-T 


UPLINKS  INCLUDED 


■  Hf'  F°UNDft, 


Fdstlron  ftfj; 


ASIC-BASED  JETSCDPE/sFLOW 


AC/DC  POWER  SUPPLIES 


Ironware™  software 


IRONSHIELD  SECURITY 


WEB,  AND  CLI  INTERFACES 


MAC-LAYER  PORT  LOCKING 
AND  DOS  PROTECTION 


Your  competitive  edge. 


Fastlron  Edge  Switches  let  you  do  more  with  less.  Compact  form.  Immense  capabilities. 
Fasti ron  Edge  Stackables  pack  more  power  into  your  wiring  closet  than  any  other  switch.  They  give  you 
tunable  functionality,  configurable  security,  and  simplified  management.  The  96-port  model  has  twice 
the  port  density  of  the  nearest  competitor.  With  a  common  user  interface,  standard-based  network 
management  support,  redundant  and  hot-swappable  power  supplies,  and  a  common  softw  are  suite,  the 
Fastlron  Edge  switches  give  you  the  lowest  total  cost  of  ownership  and  the  highest  investment  value  of 
all  the  major  switches.  Get  a  competitive  edge — get  a  Fastlron  Edge  Switch.  Call  1.888.TURBOLAN 
(887-2652)  or  www.foundrynetworks.com/fes. 
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